XWIKI docker images run on podman

The XWIKI docker images run on podman as non-root user without a large docker daemon, iptables rules, special network interfaces and routes, etc.

Note that podman-compose is version 0.1.7dev0.

[mc@podman ~]$ sudo iptables -L -n
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

[mc@podman ~]$ cat docker-compose.yml
version: '2'
networks:
  bridge:
    driver: bridge
services:
  web:
    image: "xwiki:lts-postgres-tomcat"
    container_name: xwiki-postgres-tomcat-web
    depends_on:
      - db
    ports:
      - "8080:8080"
    environment:
      - DB_USER=xwiki
      - DB_PASSWORD=xwiki
      - DB_HOST=xwiki-postgres-db
    volumes:
      - xwiki-data:/usr/local/xwiki
    networks:
      - bridge
  db:
    image: "postgres:9.5"
    container_name: xwiki-postgres-db
    volumes:
      - postgres-data:/var/lib/postgresql/data
    environment:
      - POSTGRES_ROOT_PASSWORD=xwiki
      - POSTGRES_PASSWORD=xwiki
      - POSTGRES_USER=xwiki
      - POSTGRES_DB=xwiki
      - POSTGRES_INITDB_ARGS="--encoding=UTF8"
    networks:
      - bridge
volumes:
  postgres-data: {}
  xwiki-data: {}

[mc@podman ~]$ podman-compose up -d
using podman version: podman version 1.9.2
podman pod create --name=mc --share net -p 8080:8080
7a775b7df5562be577ecd3d6d4c2bb08814af25141d2c7c71b787772358e9099
0
podman volume inspect mc_postgres-data || podman volume create mc_postgres-data
podman run --name=xwiki-postgres-db -d --pod=mc --label io.podman.compose.config-hash=123 --label io.podman.compose.project=mc --label io.podman.compose.version=0.0.1 --label com.docker.compose.container-number=1 --label com.docker.compose.service=db -e POSTGRES_ROOT_PASSWORD=xwiki -e POSTGRES_PASSWORD=xwiki -e POSTGRES_USER=xwiki -e POSTGRES_DB=xwiki -e POSTGRES_INITDB_ARGS="--encoding=UTF8" -v mc_postgres-data:/var/lib/postgresql/data --add-host web:127.0.0.1 --add-host xwiki-postgres-tomcat-web:127.0.0.1 --add-host db:127.0.0.1 --add-host xwiki-postgres-db:127.0.0.1 postgres:9.5
02c1748aab52c67ed03c5cb2d869c0c146628c1e7d2fc75be0b4da1ad843dfe6
0
podman volume inspect mc_xwiki-data || podman volume create mc_xwiki-data
podman run --name=xwiki-postgres-tomcat-web -d --pod=mc --label io.podman.compose.config-hash=123 --label io.podman.compose.project=mc --label io.podman.compose.version=0.0.1 --label com.docker.compose.container-number=1 --label com.docker.compose.service=web -e DB_USER=xwiki -e DB_PASSWORD=xwiki -e DB_HOST=xwiki-postgres-db -v mc_xwiki-data:/usr/local/xwiki --add-host web:127.0.0.1 --add-host xwiki-postgres-tomcat-web:127.0.0.1 --add-host db:127.0.0.1 --add-host xwiki-postgres-db:127.0.0.1 xwiki:lts-postgres-tomcat
68077518f28aadffb50df6fde32ee18fb9fc27fb938a85d44d4f21725ebfa1c3
0

[mc@podman ~]$ podman ps
CONTAINER ID  IMAGE                                        COMMAND   CREATED             STATUS                 PORTS                   NAMES
68077518f28a  docker.io/library/xwiki:lts-postgres-tomcat  xwiki     About a minute ago  Up About a minute ago  0.0.0.0:8080->8080/tcp  xwiki-postgres-tomcat-web
02c1748aab52  docker.io/library/postgres:9.5               postgres  About a minute ago  Up About a minute ago  0.0.0.0:8080->8080/tcp  xwiki-postgres-db

[mc@podman ~]$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 52:54:00:8d:3e:ae brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.10/24 brd 192.168.0.255 scope global dynamic enp1s0
       valid_lft 84402sec preferred_lft 84402sec
    inet6 fe80::5054:ff:fe8d:3eae/64 scope link 
       valid_lft forever preferred_lft forever

[mc@podman ~]$ sudo iptables -L -n
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
[mc@podman ~]$