安装 Podman 在 macOS 上
在 macOS 上安装 Podman 需要使用 Podman 的桌面客户端工具 Podman Desktop 或通过 Homebrew 安装命令行工具。
使用 Homebrew 安装 Podman:
(base) ninjamac@ninjamacdeMacBook-Air shell % brew install podman
==> Auto-updating Homebrew...
Adjust how often this is run with HOMEBREW_AUTO_UPDATE_SECS or disable with
HOMEBREW_NO_AUTO_UPDATE. Hide these hints with HOMEBREW_NO_ENV_HINTS (see `man brew`).
==> Auto-updated Homebrew!
Updated 3 taps (kong/deck, homebrew/core and homebrew/cask).
==> New Formulae
clang-include-graph claude-squad kargo
==> New Casks
firezone passepartout simpledemviewer slideshower
You have 46 outdated formulae installed.
==> Downloading https://ghcr.io/v2/homebrew/core/podman/manifests/5.5.0
######################################################################################## 100.0%
==> Fetching podman
==> Downloading https://ghcr.io/v2/homebrew/core/podman/blobs/sha256:8326e41b43e41f71fa6cf9c321
######################################################################################## 100.0%
==> Pouring podman--5.5.0.arm64_sequoia.bottle.tar.gz
==> Caveats
In order to run containers locally, podman depends on a Linux kernel.
One can be started manually using `podman machine` from this package.
To start a podman VM automatically at login, also install the cask
"podman-desktop".
zsh completions have been installed to:
/opt/homebrew/share/zsh/site-functions
==> Summary
🍺 /opt/homebrew/Cellar/podman/5.5.0: 202 files, 79.3MB
==> Running `brew cleanup podman`...
Disable this behaviour by setting HOMEBREW_NO_INSTALL_CLEANUP.
Hide these hints with HOMEBREW_NO_ENV_HINTS (see `man brew`)安装完成后初始化 Podman 虚拟机(由于 macOS 不支持 Linux 容器原生运行,Podman 会创建一个轻量级虚拟机来运行容器):
(base) ninjamac@ninjamacdeMacBook-Air shell % podman machine init
Looking up Podman Machine image at quay.io/podman/machine-os:5.5 to create VM
Getting image source signatures
Copying blob d8d46037edd8 done |
Copying config 44136fa355 done |
Writing manifest to image destination
d8d46037edd878510cbcaabb4878e59e5d9eaa98d0c73eef883cd98491b08e96
Extracting compressed file: podman-machine-default-arm64.raw: done
Machine init complete
启动 Podman 虚拟机:
(base) ninjamac@ninjamacdeMacBook-Air shell % podman machine start
Starting machine "podman-machine-default"
This machine is currently configured in rootless mode. If your containers
require root permissions (e.g. ports < 1024), or if you run into compatibility
issues with non-podman clients, you can switch using the following command:
podman machine set --rootful
API forwarding listening on: /var/folders/_0/8glqp3v96vx0_rzhlqb8g3xr0000gn/T/podman/podman-machine-default-api.sock
The system helper service is not installed; the default Docker API socket
address can't be used by podman. If you would like to install it, run the following commands:
sudo /opt/homebrew/Cellar/podman/5.5.0/bin/podman-mac-helper install
podman machine stop; podman machine start
You can still connect Docker API clients by setting DOCKER_HOST using the
following command in your terminal session:
export DOCKER_HOST='unix:///var/folders/_0/8glqp3v96vx0_rzhlqb8g3xr0000gn/T/podman/podman-machine-default-api.sock'
Machine "podman-machine-default" started successfully验证 Podman 是否正确安装:
(base) ninjamac@ninjamacdeMacBook-Air shell % podman version
Client: Podman Engine
Version: 5.5.0
API Version: 5.5.0
Go Version: go1.24.3
Built: Wed May 14 02:59:13 2025
Build Origin: brew
OS/Arch: darwin/arm64
Server: Podman Engine
Version: 5.5.0
API Version: 5.5.0
Go Version: go1.23.8
Git Commit: 0dbcb51477ee7ab8d3b47d30facf71fc38bb0c98
Built: Tue May 13 08:00:00 2025
OS/Arch: linux/arm64
(base) ninjamac@ninjamacdeMacBook-Air shell % podman info
Client:
APIVersion: 5.5.0
BuildOrigin: brew
Built: 1747162753
BuiltTime: Wed May 14 02:59:13 2025
GitCommit: ""
GoVersion: go1.24.3
Os: darwin
OsArch: darwin/arm64
Version: 5.5.0
host:
arch: arm64
buildahVersion: 1.40.0
cgroupControllers:
- cpu
- io
- memory
- pids
cgroupManager: systemd
cgroupVersion: v2
conmon:
package: conmon-2.1.12-3.fc41.aarch64
path: /usr/bin/conmon
version: 'conmon version 2.1.12, commit: '
cpuUtilization:
idlePercent: 99.56
systemPercent: 0.27
userPercent: 0.17
cpus: 4
databaseBackend: sqlite
distribution:
distribution: fedora
variant: coreos
version: "41"
eventLogger: journald
freeLocks: 2045
hostname: localhost.localdomain
idMappings:
gidmap:
- container_id: 0
host_id: 1000
size: 1
- container_id: 1
host_id: 100000
size: 1000000
uidmap:
- container_id: 0
host_id: 501
size: 1
- container_id: 1
host_id: 100000
size: 1000000
kernel: 6.12.13-200.fc41.aarch64
linkmode: dynamic
logDriver: journald
memFree: 1293139968
memTotal: 2042273792
networkBackend: netavark
networkBackendInfo:
backend: netavark
dns:
package: aardvark-dns-1.14.0-1.fc41.aarch64
path: /usr/libexec/podman/aardvark-dns
version: aardvark-dns 1.14.0
package: netavark-1.14.0-1.fc41.aarch64
path: /usr/libexec/podman/netavark
version: netavark 1.14.0
ociRuntime:
name: crun
package: crun-1.20-2.fc41.aarch64
path: /usr/bin/crun
version: |-
crun version 1.20
commit: 9c9a76ac11994701dd666c4f0b869ceffb599a66
rundir: /run/user/501/crun
spec: 1.0.0
+SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +LIBKRUN +WASM:wasmedge +YAJL
os: linux
pasta:
executable: /usr/bin/pasta
package: passt-0^20250121.g4f2c8e7-2.fc41.aarch64
version: |
pasta 0^20250121.g4f2c8e7-2.fc41.aarch64-pasta
Copyright Red Hat
GNU General Public License, version 2 or later
<https://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
remoteSocket:
exists: true
path: unix:///run/user/501/podman/podman.sock
rootlessNetworkCmd: pasta
security:
apparmorEnabled: false
capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
rootless: true
seccompEnabled: true
seccompProfilePath: /usr/share/containers/seccomp.json
selinuxEnabled: true
serviceIsRemote: true
slirp4netns:
executable: /usr/bin/slirp4netns
package: slirp4netns-1.3.1-1.fc41.aarch64
version: |-
slirp4netns version 1.3.1
commit: e5e368c4f5db6ae75c2fce786e31eef9da6bf236
libslirp: 4.8.0
SLIRP_CONFIG_VERSION_MAX: 5
libseccomp: 2.5.5
swapFree: 0
swapTotal: 0
uptime: 0h 38m 35.00s
variant: v8
plugins:
authorization: null
log:
- k8s-file
- none
- passthrough
- journald
network:
- bridge
- macvlan
- ipvlan
volume:
- local
registries:
search:
- docker.io
store:
configFile: /var/home/core/.config/containers/storage.conf
containerStore:
number: 3
paused: 0
running: 1
stopped: 2
graphDriverName: overlay
graphOptions: {}
graphRoot: /var/home/core/.local/share/containers/storage
graphRootAllocated: 106415992832
graphRootUsed: 4448870400
graphStatus:
Backing Filesystem: xfs
Native Overlay Diff: "true"
Supports d_type: "true"
Supports shifting: "false"
Supports volatile: "true"
Using metacopy: "false"
imageCopyTmpDir: /var/tmp
imageStore:
number: 1
runRoot: /run/user/501/containers
transientStore: false
volumePath: /var/home/core/.local/share/containers/storage/volumes
version:
APIVersion: 5.5.0
BuildOrigin: 'Copr: packit/containers-podman-26126'
Built: 1747094400
BuiltTime: Tue May 13 08:00:00 2025
GitCommit: 0dbcb51477ee7ab8d3b47d30facf71fc38bb0c98
GoVersion: go1.23.8
Os: linux
OsArch: linux/arm64
Version: 5.5.0
配置 Podman 环境
Podman 在 macOS 上运行需要依赖虚拟机,默认使用 QEMU 运行轻量级 Linux 环境。可以通过以下命令调整虚拟机配置:
调整虚拟机 CPU 和内存(可选):
podman machine stop
podman machine set --cpus 4 --memory 8192
podman machine start
运行容器
运行一个简单的测试容器(例如 Nginx):
podman run -d -p 8080:80 --name nginx docker.io/library/nginx
验证容器是否运行:
(base) ninjamac@ninjamacdeMacBook-Air shell % podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
88288e7b6232 docker.io/library/nginx:latest nginx -g daemon o... 58 seconds ago Up 58 seconds 0.0.0.0:8080->80/tcp nginx
访问运行中的容器服务(在浏览器中打开 http://localhost:8080)。
管理容器和镜像
列出本地所有镜像:
podman images
从 Docker Hub 拉取镜像:
podman pull ubuntu:latest
进入运行中的容器:
(base) ninjamac@ninjamacdeMacBook-Air shell % podman exec -it nginx /bin/bash
root@88288e7b6232:/#
停止和删除容器:
podman stop nginx
podman rm nginx
构建自定义镜像
创建一个简单的 Dockerfile:
FROM alpine:latest
RUN apk add --no-cache python3
CMD ["python3", "--version"]
使用 Podman 构建镜像:
(base) ninjamac@ninjamacdeMacBook-Air podman % podman build -t my-python-images .
STEP 1/3: FROM alpine:latest
Resolved "alpine" as an alias (/etc/containers/registries.conf.d/000-shortnames.conf)
Trying to pull docker.io/library/alpine:latest...
Getting image source signatures
Copying blob sha256:d69d4d41cfe2ee680d6972795e2a1eb9e4dc4ec3b3c5e0797c9ab43bb3726fa7
Copying config sha256:2abc5e83407155714f171c293f197e1310176959e106f8ad63ffa2e7e9635d4a
Writing manifest to image destination
STEP 2/3: RUN apk add --no-cache python3
fetch https://dl-cdn.alpinelinux.org/alpine/v3.22/main/aarch64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/v3.22/community/aarch64/APKINDEX.tar.gz
(1/17) Installing libbz2 (1.0.8-r6)
(2/17) Installing libexpat (2.7.1-r0)
(3/17) Installing libffi (3.4.8-r0)
(4/17) Installing gdbm (1.24-r0)
(5/17) Installing xz-libs (5.8.1-r0)
(6/17) Installing libgcc (14.2.0-r6)
(7/17) Installing libstdc++ (14.2.0-r6)
(8/17) Installing mpdecimal (4.0.1-r0)
(9/17) Installing ncurses-terminfo-base (6.5_p20250503-r0)
(10/17) Installing libncursesw (6.5_p20250503-r0)
(11/17) Installing libpanelw (6.5_p20250503-r0)
(12/17) Installing readline (8.2.13-r1)
(13/17) Installing sqlite-libs (3.49.2-r0)
(14/17) Installing python3 (3.12.11-r0)
(15/17) Installing python3-pycache-pyc0 (3.12.11-r0)
(16/17) Installing pyc (3.12.11-r0)
(17/17) Installing python3-pyc (3.12.11-r0)
Executing busybox-1.37.0-r18.trigger
OK: 49 MiB in 33 packages
--> 48a838f69aa8
STEP 3/3: CMD ["python3", "--version"]
COMMIT my-python-images
--> daf80a07597c
Successfully tagged localhost/my-python-images:latest
daf80a07597cfe6a88325506732ce1fd95a10a3fe9c44b38f0ea7a512bc1d5c9
(base) ninjamac@ninjamacdeMacBook-Air podman % podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
localhost/my-python-images latest daf80a07597c 8 seconds ago 53.8 MB
docker.io/library/alpine latest 2abc5e834071 4 days ago 8.81 MB
docker.io/library/nginx latest 997e7f255061 6 weeks ago 202 MB
运行自定义镜像:
podman run --rm my-python-image
持久化存储和数据卷
创建一个数据卷并挂载到容器:
podman volume create my_volume
podman run -d -v my_volume:/data --name volume_test alpine tail -f /dev/null
进入容器验证数据卷:
podman exec -it volume_test /bin/sh
网络配置
创建一个自定义网络:
(base) ninjamac@192 xx % podman network create my_network
my_network运行容器并使用自定义网络:
podman run -d --network my_network --name web nginx
podman run -it --network my_network --name client alpine ping web
调试和日志检查
查看容器日志:
podman logs nginx
检查容器详细配置:
podman inspect nginx
监控容器资源使用:
(base) ninjamac@192 xx % podman stats
ID NAME CPU % MEM USAGE / LIMIT MEM % NET IO BLOCK IO PIDS CPU TIME AVG CPU %
b059483e17f4 volume_test 0.01% 53.25kB / 2.042GB 0.00% 3.006kB / 1.398kB 0B / 0B 1 1.564638s 0.01%
![浏览器工作原理05 [#] 渲染流程(上):HTML、CSS和JavaScript是如何变成页面的](https://i-blog.csdnimg.cn/img_convert/153ad1bb6b680aa8c2dd89296bc0d7e1.png)
![[BIOS]VSCode zx-6000 编译问题](https://i-blog.csdnimg.cn/direct/df5a0400ddb443dca9127f184ea49883.png)
![[GitHub] 优秀开源项目](https://i-blog.csdnimg.cn/direct/714d53e2fd994c53b78d3f68926f3b40.png)
