Skip to main content

ChRIS on Podman

System Requirements

miniChRIS-podman requires Podman version 4.3 or above. We aim to support "out-of-the-box" setups of rootless Podman (using slirp4netns and aardvark-dns).

Supported OS: Fedora Silverblue 37, Ubuntu 22.04, Arch Linux

Notes about installing Podman on Arch Linux.

On Arch Linux, please consult the wiki: https://wiki.archlinux.org/title/Podman

Here's what worked for me (possibly helpful, definitely outdated info)

sudo pacman -Syu podman aardvark-dns
sudo usermod --add-subuids 100000-165535 --add-subgids 100000-165535 $USER
warning

Podman version 4.6.2 does not work due to a bug. If pman is reporting the error

crun: write to /proc/self/oom_score_adj: Permission denied: OCI permission denied

Try downgrading crun to version 1.8.7. (On Arch Linux, run sudo pacman -U /var/cache/pacman/pkg/crun-1.8.7-1-x86_64.pkg.tar.zst)

Preconditions

Make sure your system is not running anything which might interfere with miniChRIS.

  • Existing container/pod names might clash with miniChRIS. To be safe, the output of podman ps -a should be empty-ish.
  • Running servers might clash with miniChRIS, which wants to bind TCP ports 5005, 5010, 8000, 8010, 8080, 8020, and 8021.

Podman: Quick Start

git clone https://github.com/FNNDSC/miniChRIS-podman.git
cd miniChRIS-podman
./minichris.sh up

Podman: Tear Down

./minichris.sh down

Podman: Nuke

In case ./minichris.sh down does not work, run:

podman pod rm -af
podman volume prune -f

This might happen if you change the YAMLs.

Using Podman Desktop

It is necessary to feed to Podman Desktop a single YAML file defining all ChRIS resources. The YAML file is produced by the command ./minichris.sh cat.

./minichris.sh cat > chris-all-in-one.yml

In the sidebar of Podman Desktop, click the "Containers" icon and then in the top-right, click "Play Kubernetes YAML". Select the chris-all-in-one.yml file and then click "Play."

Screenshot of Podman Desktop: selecting a file

Wait 1-5 minutes for ChRIS to start up. Optionally, you can monitor the progress from a terminal with the command

./minichris.sh watch-migration

When it's done, return the Containers screen and you should see ChRIS containers running.

Screenshot of Podman Desktop: running ChRIS containers

At this point ChRIS is running, but it is empty. To add users and plugins to ChRIS, go back to the terminal and run

./minichris.sh chrisomatic

Finally, you're ready to log in to http://localhost:8020 with username chris, password chris1234.

Using Quadlet

The podman/quadlet/minichris.kube file can be used with the YAML generated by ./minichris.sh cat to deploy ChRIS using Quadlet.

systemctl --user start podman.service
./minichris.sh cat > ~/.config/containers/systemd/minichris-aio.yml
cp podman/quadlet/minichris.kube ~/.config/containers/systemd/minichris.kube
systemctl --user daemon-reload
systemctl --user start minichris.service
warning

Friendly reminder to not use miniChRIS in production.

What to expect: performance

On a fast computer with good internet speed, running ./minichris.sh up for the first time (pulls images) takes about 1.5 to 2 minutes. Subsequent runs will be faster, about 40 seconds.