The release of Red Hat Enterprise Linux 8.1 is a minor update to RHEL, but a major step forward with containers. The container-tools:rhel8 application stream has been updated with new versions of Podman, Buildah, Skopeo, runc, container selinux policies and other libraries. The core set of base images in Red Hat Universal Base Image (UBI) have been updated to 8.1, and UBI has expanded to include Go 1.11.5 as a developer use case. There are now 37 images released as part of UBI - they can all be seen on the UBI product page. Finally, we have released some really good updated documentation covering rootless, and other new features in the container-tools module.
Now, let’s jump in and cover some major features a bit deeper.
The ability to run containers as a regular user with Podman was Tech Preview in RHEL 8.0 (Using the rootless containers Tech Preview in RHEL 8.0). With the release of RHEL 8.1 rootless containers are now fully supported. Podman has been updated to 1.4.2 stable and numerous supporting subsystems in RHEL 8 have been updated to make rootless containers easier than ever. Literally, it’s as simple as adding a user during install, logging in as that user, and firing some containers up.
For more information, check out the rootless documentation in the RHEL 8 Building, Running and Managing Container guide.
Podman Generate & Play
With this update of podman in the container-tools:rhel application stream, we now bring users the ability to generate Kubernetes Manifest files in YAML. This reduces the friction for Podman users wanting to deploy on Kubernetes. Now, they don’t need to know how to write Kubernetes YAML to get started with Kubernetes.
This feature was announced upstream earlier this year (Podman can now ease the transition to Kubernetes and CRI-O), and helps users easily move from a single node container environment using Podman, to a multi-node environment using Kubernetes / Red Hat OpenShift.
Generating Kubernetes manifests with a single command is ground breaking, but what many users don’t know is that podman can also play them. This allows Podman users to fire up an entire application based on a Kubernetes Manifest file—without actually having a Kubernetes cluster installed.
This can be used to set up workflows where developers can share applications. The first developer can use “podman generate kube” and the second developer can use “podman play kube” command. There’s no need to write any YAML manually. Developers can just start the containers and pods the way you want them to run, and export the Kubernetes Manifest. They can share these manifests with any Podman (or Kubernetes) user and easily play them. This is more elegant than solutions like docker-compose where developers need to write up manifests themselves, and worse isn’t directly compatible with Kubernetes.
The vision is to be able to share Kubernetes manifests everywhere—from Podman to Podman, from Podman to Kubernetes, and from Kubernetes to Podman, simplifying transitions back and forth between developers and between production. While the manifest support in Podman doesn’t support every feature in Kubernetes, expect to see more and more resources supported.
Go-Toolset Container Images
When we launched Red Hat Universal Base Image at Red Hat Summit in 2019, we got a lot of great feedback. One of the first requests we received was for Golang. It is a popular programming language in the Cloud Native space, and we immediately recognized the value of adding it (also, I know what you’re thinking! Stay tuned and you might see OpenJDK images soon).
With the update to RHEL 8.1, we have added the ubi8/go-toolset container to the UBI family. This gives users the ability to compile Go applications using a pre-packaged container with Go 1.11.5.
This image can be used in a way that should be familiar for most Golang programmers used to using other popular Golang container images. Here’s a quick example of how to use the image with a hello world program. Clone this repository:
git clone https://github.com/fatherlinux/ubi-go-toolset-example.git
podman build -t hello-world -f Containerfile.local
podman run -it --rm hello-world
For other examples, including a multi-stage one, check out my repository on GitHub.
Web Console - Podman Containers
Web Console now has the ability to run Podman containers. It’s as easy as running a few simple commands in RHEL 8.1.
yum install cockpit-podman systemctl enable --now cockpit.socket
Once Web Console is started, you just connect to port 9090 and you will see an interface similar to the following. In this example, we can easily pull down the latest UBI 8 image:
Now, we can easily run a new container based on this image:
We have improvements planned for future versions of Web Console, including the ability to run containers as regular users (rootless).
The launch of RHEL 8.1 is a minor release with some major new capabilities focused around containers. The work that went into this release is the culmination of a lot of work from a lot of different subsystem teams. This ranges from coding and testing, documentation and support enablement. We thank them all for their collaboration and hard work. We look forward to bringing more great container capabilities in future versions of RHEL and providing the foundation for great new features in Red Hat OpenShift as well.
About the author
At Red Hat, Scott McCarty is Senior Principal Product Manager for RHEL Server, arguably the largest open source software business in the world. Focus areas include cloud, containers, workload expansion, and automation. Working closely with customers, partners, engineering teams, sales, marketing, other product teams, and even in the community, he combines personal experience with customer and partner feedback to enhance and tailor strategic capabilities in Red Hat Enterprise Linux.
McCarty is a social media start-up veteran, an e-commerce old timer, and a weathered government research technologist, with experience across a variety of companies and organizations, from seven person startups to 20,000 employee technology companies. This has culminated in a unique perspective on open source software development, delivery, and maintenance.