Setting up Podman on WSL2 in Windows 10

Andy Wong
Oct 1, 2020

If your daily driver is Windows 10 and you’ve found that Docker on Windows is way too bloated, a great lightweight alternative is to use WSL2 with Podman. I won’t repeat the instructions on installing WSL2, so here is a direct link to the Microsoft article:

For the purposes of this demonstration, please ensure you’ve installed Ubuntu.

The original article and instructions from Red Hat for installing Podman on WSL2 need updating:

So here are the updated instructions for installing Podman on WSL2 Ubuntu as of the time of writing — updated 19th December 2021

First of all, you need to identify your version of Ubuntu in WSL2:

lsb_release -a

In this example:

No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 20.04.3 LTS
Release: 20.04
Codename: focal

The version we have is Ubuntu 20.04.3 LTS, so we need to check the instructions here:

https://software.opensuse.org/download/package?package=podman&project=devel%3Akubic%3Alibcontainers%3Atesting

And alter them accordingly, in my case:

echo 'deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/testing/xUbuntu_20.04/ /' | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:testing.list
curl -fsSL https://download.opensuse.org/repositories/devel:kubic:libcontainers:testing/xUbuntu_20.04/Release.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_testing.gpg > /dev/null
sudo apt update
sudo apt install podman

After running the above, you should have a base Podman installation.

If you want to be able to run rootless, you need to change the permissions on newgidmap and newuidmap (mode 4755 sets the setuid bit on both):

sudo chmod 4755 /usr/bin/newgidmap
sudo chmod 4755 /usr/bin/newuidmap

To avoid the error message:

unable to write pod event: "write unixgram @00013->/run/systemd/journal/socket: sendmsg: no such file or directory"

You need to update the Podman config:

sudo vim /etc/containers/containers.conf

and add this line in the [engine] section, which at the time of writing is at approximately line 285 of containers.conf:

events_logger = "file"

By default, it’s not possible to run rootless containers on privileged ports (below 1024) like port 80, so you need to edit sysctl.conf:

sudo vim /etc/sysctl.conf

add the following line, which lowers the first unprivileged port from 1024 to 0:

net.ipv4.ip_unprivileged_port_start=0

and apply:

sudo sysctl -p
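
The three changes above can be checked rather than assumed: the line number in containers.conf shifts between versions, and a key pasted under a neighbouring table such as [engine.runtimes] does not apply to [engine]. The script below is an added example, not part of the original article; the function names, the --audit flag and the sample config are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original article.

# conf_value FILE SECTION KEY: print the last uncommented value of KEY inside
# [SECTION]. Keys under other tables or sub-tables such as [engine.runtimes]
# do not count, which is what goes wrong when a line lands in the wrong place.
conf_value() {
    awk -v want="[$2]" -v key="$3" '
        /^[ \t]*#/  { next }                          # whole-line comment
        /^[ \t]*\[/ { sec = $0; sub(/#.*$/, "", sec); gsub(/[ \t]/, "", sec); next }
        sec == want {
            n = index($0, "="); if (n == 0) next
            k = substr($0, 1, n - 1); v = substr($0, n + 1)
            gsub(/[ \t]/, "", k)
            sub(/[ \t]+#.*$/, "", v)                  # trailing comment
            sub(/^[ \t]+/, "", v); sub(/[ \t]+$/, "", v)
            sub(/^"/, "", v); sub(/"$/, "", v)        # strip surrounding quotes
            if (k == key) val = v
        }
        END { if (val != "") print val }' "$1"
}

# Constructed sample: the line was added after the [engine.runtimes] header,
# so [engine] still only has its commented-out default.
sample_misplaced() {
    cat <<'EOF'
[engine]
#events_logger = "journald"

[engine.runtimes]
events_logger = "file"
EOF
}

# audit_podman_wsl [CONF]: report on the three changes this article makes.
audit_podman_wsl() {
    conf="${1:-/etc/containers/containers.conf}"
    for f in /usr/bin/newuidmap /usr/bin/newgidmap; do
        if [ -u "$f" ]; then echo "ok   $f has the setuid bit"
        else echo "warn $f has no setuid bit"; fi
    done
    if [ "$(conf_value "$conf" engine events_logger 2>/dev/null)" = "file" ]
    then echo "ok   [engine] events_logger is file"
    else echo "warn events_logger = \"file\" is not set under [engine] in $conf"; fi
    start=$(cat /proc/sys/net/ipv4/ip_unprivileged_port_start 2>/dev/null)
    echo "info ip_unprivileged_port_start=${start:-unknown}"
}

if [ "${1:-}" = "--audit" ]; then audit_podman_wsl "${2:-}"; fi
```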

To access your containers, you need the IP address of your WSL2 instance, which you can find with:

ip addr | grep 172

In my example, it will return something like this:

inet 172.29.118.69/20 brd 172.29.127.255 scope global eth0

In this instance, I’ve been assigned 172.29.118.69 as the IP.

To test, we can run the container in interactive mode so you can see all the standard output:

podman run -it -p 80:80 nginx

and browse to http://172.29.118.69 (change accordingly) to see the default nginx page. Voila! Podman running on WSL2 on Windows 10. Press CTRL+C in the terminal to stop the container. Alternatively, if you want to run it as a daemon, like Docker, you can run it with “-d”:

podman run -d -p 80:80 nginx

Check it’s running:

podman ps

And you should see something like:

CONTAINER ID  IMAGE                           COMMAND               CREATED         STATUS             PORTS               NAMES
1d5508b0a9c0  docker.io/library/nginx:latest  nginx -g daemon o...  31 seconds ago  Up 27 seconds ago  0.0.0.0:80->80/tcp  inspiring_kare

After setup, when you attempt to run Podman again using a privileged port, you may get this error:

Error: failed to expose ports via rootlessport: "cannot expose privileged port 80, you might need to add \"net.ipv4.ip_unprivileged_port_start=0\" (currently 1024) to /etc/sysctl.conf, or choose a larger port number (>= 1024): listen tcp 0.0.0.0:80: bind: permission denied\n"

You just need to run:

sudo sysctl -p

I’ve not worked out how to make this a permanent setting; however, the workaround is to edit your .bashrc file and add:

sudo sysctl -p

at the bottom of the file. Whenever you start up WSL2 fresh, it will prompt for your sudo password, and it will prompt for it for each WSL2 session.

Enjoy using a lighter Podman environment in Windows without the Docker Desktop bloat!
