Rootless Containers with Podman Now Supported in PubSub+ 10.1

pkondrat
pkondrat Member, Employee Posts: 24 Solace Employee

Podman is a relatively new container runtime but, as the default in Red Hat Enterprise Linux 8 it is quickly gaining in popularity. PubSub+ 10.1 adds full support for Podman including running PubSub+ as a rootless container.

For years Docker has been synonymous with containers; some security teams took issue with the fact that the Docker daemon runs as a root process (recent versions of Docker engine have removed this requirement, allowing docker to create rootless containers). Podman does not have a daemon that needs to run as root. It is possible to create a rootful container using “sudo podman run” or a rootless container by simply using “podman run” (not requiring the user creating the container to be a sudo’er). 

The ability for a non-privileged user to be able to create a container requiring no sudo or other root privileges will go a long way to addressing the concerns that security teams have with containers in general. This will help further drive the adoption of container technology. Developers will now be able to create container instances using their standard non-privileged accounts. To help users get started with rootless containers, Solace has a getting started guide showing how to create a rootless instance of PubSub+ on a Ubuntu host. Detailed documentation on rootless containers and PubSub+ is also available at https://docs.solace.com.

Hopefully the availability of rootless containers will remove barriers to even more wide spread adoption of container technology in development and production environments.