Podman 5 Improves Performance and Stability on Mac and Windows through Partial Rewrite

The latest release of the container management tool Podman brings a complete rewrite of the podman machine command to improve hypervisor support on macOS and Windows. Additionally, it now supports OCI artifacts in manifest files, adopts Pasta by default for rootless networking, and improves the containers.conf configuration file.

Podman machines are the basic mechanism for launching Linux virtual machines, which is required for macOS and Windows-based systems to run Linux containers. Thanks to a new implementation, Podman 5 now uses the Apple Hypervisor on Macs and deprecates QEMU.

With the rewrite, we have improved performance and stability, and significantly increased code sharing between different VM providers, making future maintenance and fixes easier. We have also added support for the Apple hypervisor on Mac, greatly improving stability, boot times, and filesharing performance on Macs.

For all Podman 4 users, it is important to know that there is no straightforward upgrade path for existing Podman 4 machines to run under Podman 5. As Red Hat software engineer Brent Baude explains, "the underpinnings and operating system improvements in Podman 5 machines make this a non-trivial process".

The process to port a Podman 4 machine to Podman 5 varies depending on whether the machine is ephemeral or not and whether it can be easily rebuilt or not. In all cases, the first step is backing up all data in running containers so you can restore their status after removing them. For ephemeral containers, you just need to run the new podman machine reset command. For non-ephemeral images and containers, you can either push them to a registry to fetch them again after the upgrade, or you can use podman commit or podman save to the same effect.
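The backup and restore steps described above can be scripted as follows. This is an added example, not code from the article or the Podman project; `BACKUP_DIR`, the `DRY_RUN` switch, and the `localhost/pre-v5-backup/` image prefix are assumptions of the example.

```shell
#!/usr/bin/env bash
# Added example. Run "backup" under Podman 4, upgrade, run
# `podman machine reset`, `podman machine init` and `podman machine start`,
# then run "restore" under Podman 5.
BACKUP_DIR="${BACKUP_DIR:-$HOME/podman4-backup}"  # assumed location
DRY_RUN="${DRY_RUN:-1}"                           # 1 = print commands only

run() {  # print the command; execute it only when DRY_RUN=0
    printf '%s\n' "$*"
    if [ "$DRY_RUN" = "0" ]; then "$@" </dev/null; fi
}

# Map an image reference to a filesystem-safe archive name.
archive_name() {
    printf '%s.tar\n' "$(printf '%s' "$1" | tr '/:@' '___')"
}

# Container names on stdin: snapshot each into an image (volumes are not
# captured by commit). Image names must be lowercase, so the name is folded.
commit_containers() {
    local c
    while IFS= read -r c; do
        [ -n "$c" ] || continue
        run podman commit "$c" \
            "localhost/pre-v5-backup/$(printf '%s' "$c" | tr 'A-Z' 'a-z'):latest"
    done
}

# Image references on stdin: save each one to its own archive.
backup_images() {
    local img
    while IFS= read -r img; do
        case "$img" in ''|*'<none>'*) continue ;; esac  # skip dangling images
        run podman save -o "$BACKUP_DIR/$(archive_name "$img")" "$img"
    done
}

# Load every archive into the freshly created Podman 5 machine.
restore_images() {
    local f
    for f in "$BACKUP_DIR"/*.tar; do
        [ -e "$f" ] || continue
        run podman load -i "$f"
    done
}

case "${1:-}" in
    backup)  mkdir -p "$BACKUP_DIR"
             podman ps -a --format '{{.Names}}' | commit_containers
             podman images --format '{{.Repository}}:{{.Tag}}' | backup_images ;;
    restore) restore_images ;;
esac
```

With the default `DRY_RUN=1` the script only prints the `podman` commands it would run; set `DRY_RUN=0` to execute them.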

Another significant change brought by Podman 5 is the adoption of Pasta as the default rootless networking backend, replacing slirp4netns. Rootless networking is used along with unprivileged (non-root) users to work around the fact that they cannot create network interfaces on the host. The main reason to switch away from slirp4netns and make Pasta the default is performance, says Red Hat.

As a final note, Podman 5 made its main configuration file, containers.conf, more robust and flexible.

To make it more robust, containers.conf does not host information about the Podman system connections and farms anymore. In fact, adding connections or farms using the old podman system connection command was prone to overwriting user configuration and comments. To prevent this, connection and farm information is now stored in a separate file which is not meant to be user-modifiable, podman-connections.json.

In addition, containers.conf includes new configuration fields: retry and retry_delay, which specify retries and pauses when pushing or pulling images; firewall_driver, which lets you choose among iptables, nftables, firewalld, and no firewall at all; and interface_name, which can be automatically assigned the same value on both the container and the host by using the device value.

There is much more to Podman 5 than can be covered here, so do not miss the release notes for the full picture.
