> Podman is not meant to run K8s. Podman targets single-node machines and focuses on servers and developer machines. It does not implement Container Runtime Interface (CRI) that K8s uses to communicate with the container runtime. CRI-O is dedicated to exactly that use-case.
yeah, I got that
so let me rephrase; the fact that I mentioned minikube - that is just a first step for me a beginner here - seems to have been misleading
my ultimate goal is to deploy a k8s cluster on a handful of bare-metal fedora boxes, running podman instead of docker
but I was surprised to see **almost no mention** of podman in the k8s documentation, where docker appears a zillion of times along with, in shorter supply, rkt
As mentioned before, Podman is not meant to be running underneath Kubernetes. That is CRI-O's job.
Minikube supports using "sudo podman" to run minikube in a privileged container, as an alternative to "docker".
And it also supports using cri-o / podman as an alternative to containerd / buildkitd, replacing the old "rkt".
Previously we defaulted to VirtualBox, but now the default is Docker. It has some better support for Mac and Win.
The container runtime default is still Docker and "dockershim", but this will move to use CRI and "cri-dockerd".
Podman is supported on Linux, but not on Mac or Win:
Minikube also supports using the VM as an alternative to starting another VM with Docker Desktop or Docker Machine.
Here were are using the "podman-env" command to do it for Podman, which works similar to the "docker-env" command.:
It uses the podman-remote client, installed on the host.
(disguising as "podman" on Mac and on Win, confusingly)
The main issues are the recurring regressions and the lack of testing (especially in CI). They might be related ?
As you have noted, most of the users and most of the k8s documentation is running Docker and running on Ubuntu.
But both CRI-O and Fedora have been supported for years, even if they might be unavailable due to technical issues.
For instance: upgrading to cgroups v2, changing from varlink to rest, changing to btrfs, or Next Big Thing etc
Kubernetes documentation is handled by a separate SIG, but they are _also_ accepting PRs to improve their docs.
Running kubernetes in rootless podman (and docker) is something being *actively* worked on. Not there just yet.
Most of it is handled in the "kind" project, sharing code with minikube:
https://kind.sigs.k8s.io/docs/user/rootless/
So Podman can be used for *running* Kubernetes ("kinp"), and it can also be used on a node that is running Kubernetes.
Currently we are using "podman build" for image building. There has been no reason to expose Buildah to the user.
The benefit of this is that the images are immediately available to the k8s cluster. No registry, no waiting time.
One uses "sudo crictl" for interfacing with containers. There are no podman commands used for that, only images.
Docker and rkt are mentioned for historical reasons. Both have been used underneath Kubernetes for a longer period of time. rkt has been discontinued a long time ago and also Docker is not supported underneath Kubernetes anymore.
The rkt support has been removed, and dockershim will be removed. But Docker is still there.
It will just be forced to use the same interfaces (CRI / CNI) as everybody else has to...
I understand that the podman team is not in charge of that documentation, I’m just saying this suggests podman cannot be used in this way, which I’m pretty certain it is, right ?
Podman cannot be used underneath Kubernetes.
We are using podman as a _complement_ to cri-o, since they do share the same images...
They do not share the same container instances though, and don't use the same code (yet)
> If you see specific bugs, opening an issue upstream would be great. For questions, the mailing list works well, GitHub issues or the #podman channel on Freenode IRC (and Libera Chat).
thanks for pointing out irc, I’ll try to join you guys there
Great, see you over there :)
We are mostly using the Kubernetes Slack, where there is both #minikube and #crio
Will also try to join the Podman Community meeting on Tuesday (June 1st), as usual.
/Anders