Skip to main content

ChRIS on Podman

System Requirements

miniChRIS-podman requires Podman version 4.3 or above. We aim to support "out-of-the-box" setups of rootless Podman (using slirp4netns and aardvark-dns).

Supported OS: Fedora Silverblue 37, Ubuntu 22.04, Arch Linux

Notes about installing Podman on Arch Linux.

On Arch Linux, please consult the wiki:

Here's what worked for me (possibly helpful, definitely outdated info)

sudo pacman -Syu podman aardvark-dns
sudo usermod --add-subuids 100000-165535 --add-subgids 100000-165535 $USER

Podman version 4.6.2 does not work due to a bug. If pman is reporting the error

crun: write to /proc/self/oom_score_adj: Permission denied: OCI permission denied

Try downgrading crun to version 1.8.7. (On Arch Linux, run sudo pacman -U /var/cache/pacman/pkg/crun-1.8.7-1-x86_64.pkg.tar.zst)


Make sure your system is not running anything which might interfere with miniChRIS.

  • Existing container/pod names might clash with miniChRIS. To be safe, the output of podman ps -a should be empty-ish.
  • Running servers might clash with miniChRIS, which wants to bind TCP ports 5005, 5010, 8000, 8010, 8080, 8020, and 8021.

Podman: Quick Start

git clone
cd miniChRIS-podman
./ up

Podman: Tear Down

./ down

Podman: Nuke

In case ./ down does not work, run:

podman pod rm -af
podman volume prune -f

This might happen if you change the YAMLs.

Using Podman Desktop

It is necessary to feed to Podman Desktop a single YAML file defining all ChRIS resources. The YAML file is produced by the command ./ cat.

./ cat > chris-all-in-one.yml

In the sidebar of Podman Desktop, click the "Containers" icon and then in the top-right, click "Play Kubernetes YAML". Select the chris-all-in-one.yml file and then click "Play."

Screenshot of Podman Desktop: selecting a file

Wait 1-5 minutes for ChRIS to start up. Optionally, you can monitor the progress from a terminal with the command

./ watch-migration

When it's done, return the Containers screen and you should see ChRIS containers running.

Screenshot of Podman Desktop: running ChRIS containers

At this point ChRIS is running, but it is empty. To add users and plugins to ChRIS, go back to the terminal and run

./ chrisomatic

Finally, you're ready to log in to http://localhost:8020 with username chris, password chris1234.

Using Quadlet

The podman/quadlet/minichris.kube file can be used with the YAML generated by ./ cat to deploy ChRIS using Quadlet.

systemctl --user start podman.service
./ cat > ~/.config/containers/systemd/minichris-aio.yml
cp podman/quadlet/minichris.kube ~/.config/containers/systemd/minichris.kube
systemctl --user daemon-reload
systemctl --user start minichris.service

Friendly reminder to not use miniChRIS in production.

What to expect: performance

On a fast computer with good internet speed, running ./ up for the first time (pulls images) takes about 1.5 to 2 minutes. Subsequent runs will be faster, about 40 seconds.