 All right, I think we can get started. Thanks for joining the session about Podman desktop. So this session is about some really cute little seals. And if there they are. So Podman desktop is a fairly new project that is kind of trying to address some pain points, especially for developers or for people working with containers on their local machine, especially with kind of the more recent changes in the strategy of the company Docker and Docker desktop. There was kind of a need from the community for an open source project. So this is Podman desktop. So before we talk about Podman desktop, maybe to give you a little bit of background on the project Podman itself, which sits behind Podman desktop. So Podman itself is a way to interact with containers. It's a very fast and lightweight way of working with containers. So there's no big kind of daemon like you would have with Docker. So it allows for a much faster experience. Of course, it's open source. It's also more secure because it's by default, rootless. And so you can use rootless containers and don't necessarily need elevated privileges. And of course, it's compatible with the normal containers that you would build, even if you built a container with Docker or with Builda or with any kind of open container initiative. So OCI compliant containers. So for those who aren't familiar with how to use Podman, it's very similar to Docker. So you can use it to run, build, push container images. But you can also use it to create pods, kind of as the name would imply, and allows you to work a little bit more closely with Kubernetes. So for example, in terms of images, again, if you're familiar with Docker, where you would do Docker push or Docker pull is exactly the same with Podman. And in fact, you could just kind of alias Docker to Podman. And then you can use Podman to use with Docker commands to they're fairly compatible. So you can see here, like if I want to list my container images, I can just do Podman images. If I want to build my container, it's just Podman build and so on and so forth. And then if I want to run my container, I can just do a Podman run. I can look at the containers that are running with Podman PS or attached to a container and so on. So again, if you're familiar with Docker, this is exactly the same, right? What's a little bit different with Podman is that you can also create pods, which is kind of interesting. So if you know Kubernetes in the concept of pods, this is exactly the same. So you have multiple containers that can go in one pod and they share, for example, network and resources, which can be kind of interesting. And I'll show that in a little demo later on as well, where I'll show a particular use case that could be interesting. So in terms of the architecture of Podman, you can see that compared to this is how the Docker daemon works. Podman does not use root context by default. So that's kind of an architectural difference that makes it more flexible and usable. So Podman and Podman Desktop, they're developed by Red Hat, which is also the company that I work for. And our container philosophy is built on kind of make tools that do kind of one thing and do it well instead of having Docker daemon, which can do a lot of things, but uses a lot of resources and is kind of beefy. So we have different tools for different purposes. So you can see Podman for managing and running containers. Podman Desktop, which we'll dive into a little bit more. But there's also projects like Builda specifically for building container images in different ways. There's Scopio to interact with registries. And so you can, for example, go and inspect images remotely without having to pull them down, which is something that the Docker command couldn't do. I'm not sure if it can do right now. And for example, CRUN2 as a container runtime. So there's a bunch of different projects. There's also Project Cryo for Kubernetes and stuff like that. So that's all the projects that Red Hat works on. So one of them, of course, is Podman Desktop. That's why we're here today. So Podman Desktop is a tool mostly focused on the application developers to be able to work with containers without being experts in all the different Docker commands. Like me, for example, I'm a software engineer. And I started working with containers a while ago, maybe 10 years ago. Yeah, I think just about. And so it was really learning about how to run containers, how to build containers. Very complicated. If you're just an application developer, you want to be able to focus on your code. So with Podman Desktop, it's trying to make that a little bit easier. So with a nice UI that allows you to do different things, like building containers, like running containers, creating pods, but also interacting with Kubernetes and creating Kubernetes resources. It's, of course, has support for OCI registries. So Docker Hub, for example, or Queda.io, or GitHub Registry, your local registry, your private registry, so it can plug into those in terms of those pods that I was talking about. So you can create pods from containers just from the UI. You can just select. I want to create a pod with this container and this container, and then it'll create a pod, and then they can share the network. You can generate Kubernetes YAML directly from those pods as well, so you can just say, hey, now creates a Kubernetes manifest that has a definition of this pod, and then I can deploy that directly to Kubernetes that might run on my local machine or remotely as well. And so speaking of Kubernetes, so Podman tries to make life a little bit easier in that respect, too. For example, OpenShift is an implementation of Kubernetes, but also any kind of other Kubernetes. The only thing is that, for example, with OpenShift, Podman Desktop can help you even create an OpenShift local on your local machine, so that makes it easy to work with OpenShift locally. So that makes it very easy for developers. It also can enable you to create, for example, a mini-cube on your local machine or a kind cluster, so Kubernetes in Docker. So it supports all sorts of different ways of dealing with containers. And then you can also extend Podman Desktop with different capabilities, so the same way as you can with more recent Docker Desktop, so you can use those same extensions, Docker Desktop extensions. You can use them in Podman Desktop as well. So for example, you can see there in this example, there's like disk usage extension, a log explorer, and an OpenShift extension that can help you with your local development to have some insight into what's going on. You can also extend the platform itself, so Podman Desktop itself. So you can see that you can add more registries. You can add menus and actions the way that you see fit. You can see, for example, also different container runtime, so you don't necessarily need to use Podman Engine with Docker Desktop. You can also, or sorry, with Podman Desktop, you can also use Docker runtime if you have a Docker runtime on your local machine and you would like to use Podman Desktop for a nice UI experience. That's possible as well. You can use Lima, so that's also possible. So it's trying to, again, make it meet the developers where they are and make it easy. So let's see this in some demos, right? Because that's way more fun and interesting to see this in action. So let's go and look at Podman Desktop. So I have it running here. And so if I go to my dashboard, so when I open Podman Desktop, by the way, you can install Podman Desktop on Windows, on Mac, on Linux. So on Windows, it uses WSL. And on Mac, I think you can just install it and on Linux, it just runs natively, which is what I'm using here. We are at open-source summit after all, right? And so here we can see Podman. We can see that it's running this particular version. It says Docker socket compatibility. It's not reachable, that makes sense, because I'm not running Docker on my machine. I'm running Podman. And so we can see that, for example, I have a developer sandbox from Red Hat running and it notices that. And I also have an instance of OpenShift Local on my local machine. And it's also noticing that that's installed and that it stopped and I could start it up and we'll see that in a minute. I'll be honest, running a Kubernetes full-blown, Kubernetes instance on your local machine takes a little bit of resources, right? So I'll run this in a little bit and then we'll see that my fan might start blowing a little bit. And then we can see here some of the extensions that exist for Podman Desktop. So in this case, I have, of course, Podman as my container runtime and I also have a Docker compatibility installed. So when I run Docker commands on my local machine, they're automatically translated to Podman commands. And we can also see, for example, I have OpenShift Local, I have Kubernetes and Docker and then developer sandbox. So I can quickly see at a glance what's there. So of course, let's look at our containers. And so I have a few images already here, but let's start from the beginning, right? So I have a little project here. So this is based on, it's a Java application. Any Java developers here? Not very many, I'm a little disappointed in you. I'm a Java developer. So this is based on Quarkus. So Quarkus is a Java stack that runs much faster, has a much smaller footprint and works really well with containers and Kubernetes. So I already created the source code for this file and I have a, what's cool with Quarkus is that it supplies Docker files kind of when you instantiate a project. So I have, for example, here, this Docker file that I can use to run my application in a container with the JVM. And so let's now start using this, right? So I'm gonna build my containers. So I'm gonna go to build an image and then I can select a container file and we go to source main and it was in the Docker folder. So here we have, let's choose this Docker file JVM and then I can specify the build context which is actually in a different folder. So you can select that as well. Quarkus observability in this case and then I can give it some random name or I can specify a specific name. Let's call this one Quarkus observability. And then build. So for developers, this should be fairly straightforward, right? I mean, yes, they have to have a Docker file somewhere or a container file, but from there we can build a container image pretty easily so we can see that it was successfully tagged so we created a new container image and now we can be done with that and here it is 22 seconds ago and it was created so we can run it. Now you're gonna see that it's not gonna run perfectly because it has a dependency on a database on an external database and on a tracing stack so based on Yeager, but let's run it anyway. So again, we can choose kind of what is a container name or let it define whatever it wants. We can set a specific entry point into this container. We can just leave that as it is. We could supply the volumes. Something that's cool with Docker desktop is so it notices what port you're trying to expose from your image. If I was already using this port for another application it would notice that and it would map different ports to your container so that's also something that sometimes developers struggle with like, hey, how do I map ports and everything? So that's also out of the box and then we can set environment variables and then do some more advanced stuff such as networking or make this rootful container if we need extra options. But in this case, I'm just gonna leave it simple like that and we're gonna run it's, let's see, I'm gonna make this a little bit smaller so I can see what I'm doing and then start this container. So now I'm running this container and we see that there's an error just as I was expecting because it's trying to connect to a database that's not running. And so if you're familiar with running containers they run in their own kind of network so what you could do to solve this what I can do is I can start up a container image as well but it's still not gonna find it because it's not in the same network. So there's two solutions to this. So you could use a Docker compose file and then define kind of, hey, this uses the same network which is also supported by Podman desktop. So this is one path, I'm going down a different path and that is I'm gonna create a pod with my different containers and then they will share the same network because they are in the same pod. So I'm selecting the container that I just started, right? The carcass observability and then with those other two containers that I'd already created and configured with environment variables. So I knew that they have the same, that the database has the same username and password than what my application is requiring. So then here we can see we can create a pod with those three different containers and let's see if it works, right? Everybody crossing their fingers with me. So we're creating the pod and probably I will have an error the first time, let's see. So it's this one and I see all the logs of the different containers here and it's actually not able to find my database because it wasn't started up yet, right? So my application container is starting at the same time as the database and so the database wasn't up and running yet so I just need to quickly restart it. So I click on the containers there. I'm gonna restart my container one more time and now we can see that it is actually running and able to connect with the Postgres database that I'm also running on my local machine. And so let's take a look and see if this is working. So this is on local host 8080 and we can see that, yay, we have our application running and I actually have this little endpoint fruit that should return some fruits and maybe I haven't configured it to actually populate it with data but let's imagine that there was some data in this database. I could add it and rebuild it but I think maybe then we'll run out of time. So that's how developers can fairly easily create containers, see their containers, manage them, create pods with them so we can now delete this. And so some more things that you can do with Podman desktop. So aside from just like generally managing containers, you can prune. So if you have a bunch of containers sitting around on your local machine, they take up a lot of space. So you can just say prune, which means that all the containers that aren't running at the moment are gonna be deleted. You can do the same thing for your images as well so you can delete all the images that aren't attached to a container. And then you see this play Kubernetes YAML and so let's see if maybe we'll create our pod again and then we'll create a Kubernetes YAML for it as well. So I'm gonna select this and then we can decide, do we wanna use Podman container image to run this YAML because yes, Podman desktop can also run Kubernetes YAMLs, so a pod definition for example, or we can deploy it to a Kubernetes cluster. And so this is to play a Kubernetes YAML file, but we can also create one. So let's, we can look at that here. So if we look here, we can see our logs. We can see how to open our application and browser and so on and so forth. Then in terms of the images as well so we can build our images, we can pull them down and we can also push them to a registry. So here I have a different container image and if I wanted to push this to a Kubernetes cluster, for example, I can say push an image to Kubernetes and Docker cluster because I have that extension or I can push the image to a developer sandbox cluster. So speaking of which, let's take a look here real quick. So we have, if you go to developers.redhat.com there's this developer sandbox thing here and that gives you this free kind of playground based on OpenShift, which again is a Kubernetes instance. And so by running that, I have here a namespace on Kubernetes. Let's delete our previous version of our deployment and then I'm gonna try and deploy it to there. So we can do this in a few different ways so I can try to push it from here. So let's try that. It says I don't have a running connection so I may be not connected to the right place. Let's try that. And push it. Okay, well let's go over here to one of the extensions that we have. So I have installed two extensions to my Podman desktop. One of them is an OpenShift extension that allows me to interact with OpenShift. So let's see, I believe this is the right context. So that's also something that's kind of cool with Podman desktop is if you're working with Kubernetes you need to have a Kubernetes context to be able to interact with it. So that's also something that you can add here in Podman desktop. So I have, for example, my local OpenShift that is not running but I should have this sandbox out here it is. So now I'm switching to this context, change. And now if we select an image to deploy so we can see here, let's try this one. And now I'm gonna deploy it. And so it should push fail to deploy. Yeah, nice. Thank you. The live demo effect. All right, let's try push the OpenShift and deploy. And that should push my image to the internal registry in OpenShift and then deploy it as well. So let's see if that works. So it's not there, it's in our Firefox. Okay, so we can see here that my application is actually being pushed and then we'll see if it'll start running. But you can see that you can interact with different clusters pretty easily from this thing. So you can, again, add different Docker extensions as well. So for example, I have this Aqua Trivi Docker extension to scan for container images. So this could be interesting as well for developers to kind of preemptively scan their container images to make sure that there are no vulnerabilities before they push their code and then go through their CI CD pipeline where ideally there's some sort of security scan going on, right? But that means that they have to wait for this whole cycle to happen. So it's kind of nice to be able to do that on their local machine. So in this case, the nice people at AquaSec have created this container scanning extension. So, well, we can select one image and then we would scan it. And then after a little while, it would tell me if there are any vulnerabilities in this container. So a couple more things that we could look for is for example, our volumes, right? The storage that's behind our containers. So we can see also that we can create volumes. We can collect the usage data to see how much resources and space is being used. By the way, you can do that for your containers as well to see how much memory and CPU are being used by containers when they're running. And then we can see here in our settings that we can supply, for example, registries that we're connected to. So in this case, I have a connection to a Quay registry to push my extension or to push my container images. Then we can also see where we can add more extensions to Podman Desktop itself. And then if we wanted to add some more desktop extensions from Docker Desktop, we can do that here. And so that's a real quick overview of Podman Desktop. So as you can see, you can manage containers with it, but you can actually kind of make this into a nice short feedback loop for developers to work with containers and then also interact with Kubernetes. So Podman Desktop is available for free. It's a fully open source license. So there's no kind of anything that you need to do other than just go to podman desktop.io and try it out. So what's next for Podman? So it's a project that's still in, well, it's in full development, it is stable, but there's a lot of new features still being added. So for example, improvements in terms of windows with Hyper-V support, try to make containers start up even faster, enhancements for the Kubernetes YAMLs that are being generated. So right now it creates a pod YAML. So let's see, perhaps, because in Kubernetes it might be easier to work with deployments and services, so it can maybe generate those. And then, yeah, there's some more kind of development going on in this project. And Podman Desktop is open for suggestions, so you can definitely provide any kind of things that you think are missing. It's an open source project, so if you're so inclined, definitely contribute as well. And here's some links to get started with Podman and Podman Desktop. So as you can see, podman-destout.io is where you can get started. If you have any issues, the community is very responsive and is very eager to help you out. And you get really cute seals to look at when you go to those websites, so. If you wanna learn more about Podman, in particular, so there's a free ebook that's available on developers.redhat.com. So the developers.redhat.com program is very nice, they sponsor some of the books that we write, and then because they sponsor them, they can make them available for you to download for free, which is nice. So if you're interested in Java development, apparently there are not very many here, but there's some books here. I'm writing a book on serverless Java, by the way, that should come out pretty soon, and hopefully Red Hat will sponsor that one as well. But yeah, so take a look at any of those. And then I think that's it. So I hope this was interesting, and if you have any questions, I think we still have a little bit of time. So who has questions? I have stickers, if that was a question. Thanks. Yes, regarding the selection where you clicked together the podman, the pod, is there a way to also configure those, and will they also be shown in the interface? Because the dependency restarting is quite tedious, I guess. Yeah, yes. Trying to think where exactly you would do that. So yeah, you can configure the network topology and all that. Now, if you want to have more control over it, I would recommend using Docker compose file to really define specific properties and values, because most of what the podify does is use the properties that you've defined when you create a container image, and when you start the container, so it's gonna use most of those properties. But yes, you can. I think there's a lot of improvements still that will go into podman this of itself. If you use the podman in the CLI, you can customize the pods a little bit more as well. Thanks. Two really quick ones. Number one, does this use build under the hood for the podman build sub-command? I'm just wondering, because my understanding is that this was more runtime oriented thing versus build up, which kind of has that responsibility until I saw your presentation. Right, yeah, so it's a good question, because originally podman did use build up for the podman build command, and I think right now it's built into podman itself, so it doesn't use build up anymore. Probably uses the same similar bits to do its build, but it's not using build up anymore, I believe. Okay, I'm just wondering how you think about the kind of separation of responsibilities. Like if you need anything more advanced, you end up going to build up, and you get a cross compatible image, but it's just more feature rich then. Right, yeah, okay. Yeah, yeah, because with build up you can also build using basically kind of a bash command, like a set of bash commands. Whereas with podman build, it's just using kind of the classic container files. Right, right, so it's not very sophisticated, right, got it. Okay, so that's number one, number two real quick. So having come from a company that dealt with the harsh realities of Docker desktop's licensing change, I'm curious how much of that fed the momentum for this to be where it is now? Do you think that this would have, should I, just looking at this from a macro level, should I be drawing the correlation that this is kind of really stepped into the spotlight because of those types of changes for enterprises? Yeah, for sure, yeah, yeah. So there's definitely, because of the demand from the market, there was a lot more priority put into podman desktop to kind of prioritize this as a project because that's something that the communities was really needing. And Red Hat was happy to fill that spot, of course, but yeah, I mean, there's definitely a correlation between the two, yeah. Do you know how podman works on Mac OS? How's the, is it like a VM, like Docker desktop does? And, yeah, because an extending question is like how volume mounts work because that's one part of Docker desktop that works really great on Mac OS is like the volume mount. Right, yes, it uses the same kind of VM concept. Other than that, I'm not a Mac user, so I don't know exactly if it works the same way in terms of volume mounts, but I would assume so. I haven't heard anything with kind of, oh yeah, the volumes that doesn't work with Mac, for sure it does, but yeah. Thanks. Yeah, and then same with Windows, of course, that uses WSL and then also a virtual environment. Maybe I can answer that. I'm using podman on Mac, so. There we go. Perfect. Does it work? Mostly, there's a small hitch with the, well, how the volume mounts are working. Whenever I sleep this thing and wake it back up, the same one Mac, I don't know if it matters. I need to restart the virtual machine, so it's using this podman machine command to create the virtual machine so I can just manage it that way. But the volume mounts break when I sleep, then wake it up. Interesting, create an issue for that. Yeah. Any more questions? I have, at the Red Hat booth, there are little podman stickers. So they're, of course, very cute seal stickers, so definitely stopped by the Red Hat booth. I have stickers, but I don't have podman stickers, so. But if you're one of the two Java developers here and you want a Quark sticker, I have those. All right. No more questions. Then I thank you very much. Arigato gozaimasu. Thank you.