Dyson Protocol Node Deployment with Podman
Docker vs Podman
Docker and Podman are both containerization platforms that enable developers to build, package, and distribute applications in a consistent and reproducible manner. While they share many similarities, there are also notable differences between the two:
- Daemon vs. Daemonless: Docker uses a client-server architecture, where a Docker daemon runs in the background and manages containers. In contrast, Podman is daemonless and runs containers directly, which can reduce complexity and security risks.
- Root vs. Rootless: Docker typically requires root privileges for most operations, which can introduce security concerns. Podman, on the other hand, supports running containers without root privileges (rootless), which enhances security and allows non-privileged users to manage containers.
- CLI Compatibility: Podman aims to be a drop-in replacement for Docker, and its CLI commands closely mirror Docker's. However, there might be some minor differences, so it is essential to consult the respective documentation when transitioning from one platform to another.
- Container Orchestration: Docker has native support for Docker Swarm, a container orchestration platform. Podman, on the other hand, does not have built-in orchestration support but can work with Kubernetes through the CRI-O runtime.
- Image Storage: Docker uses a centralized image storage mechanism, while Podman employs a distributed approach. This allows Podman to isolate image storage for different users, enhancing security and preventing potential conflicts.
- API Compatibility: Docker has a well-documented REST API for interacting with the Docker daemon. Podman, being daemonless, does not provide a native REST API. However, Podman can be configured to support the Docker API through the podman-docker package or the Podman API service.
- Community and Support: Docker has a larger community and more extensive commercial support, owing to its longer history and widespread adoption. Podman is a newer project with a growing community, primarily supported by Red Hat.
In summary, Docker and Podman are both powerful containerization tools, but they differ in their architecture, security features, and some aspects of their functionality. Podman is an appealing alternative for those who prioritize rootless container management and a daemonless architecture, while Docker remains popular for its extensive community, support, and integration with Docker Swarm.
Podman deployment/configuration
Before Dyson node deployment some preparation is required. That includes:
- updates installation
- required packages installation
- dedicated user created
- Podman socket configuration Let's start.
Update system
sudo apt update && sudo apt upgrade -y && sudo apt autoremove -y
Required packages
sudo apt install entr jq make git ufw podman podman-docker docker-compose
Create Dyson node user
sudo adduser dyson
Once dedicated user is created access system using dyson user to continue deployment.
Enable and start podman.socket as a user
systemctl --user enable podman.socket
systemctl --user start podman.socket
systemctl --user status podman.socket
export DOCKER_HOST=unix:///run/user/$UID/podman/podman.sock
NOTE: Commands su - <user> or sudo -u <user> do not preserve environment variables like $DBUS_SESSION_BUS_ADDRESS and $XDG_RUNTIME_DIR.
It is required to use ssh to login as dyson user to have environmental variables set correctly for Podman: ssh <user>@localhost
Prevent containers termination at logoff
By default container started in user environment will be terminated once user will log off.
To avoid that enable linger state loginctl enable-linger dyson.
Build Dyson Protocol components
Node installation
git clone --recurse-submodules https://gitlab.com/dysonproject/dyson-deploy.git
cd dyson-deploy
Configurartion adjustments
To build and run containers we will use docker-compose. As Podman does not support docker compose syntax it is required to adju
Changes to Makefile
- replace
docker composewithdocker-compose
Changes to scripts/start.sh
- replace
docker composewithdocker-compose
Changes to docker-compose.yml
- replace
linkswithdepends_on - change
443:443to8443:443 - change
80:80to8080:80
$ make reset # if you had already joined the testnet
$ make testnet # prepare .env file for testnet deployment
Run containers
TAG=v0.1.1 docker-compose up -d
That will run containers
Managing Dyson Protocol components
Check container status
docker container logs --tail=100 --follow=true dyson-deploy_chain_1