Skip to content

Using Podman instead of Docker

Podman has an Docker API compatibility layer. k3d uses the Docker API and is compatible with Podman v4 and higher.

Podman support is experimental

k3d is not guaranteed to work with Podman. If you find a bug, do help by filing an issue

Using Podman

Ensure the Podman system socket is available:

```bash sudo systemctl enable –now podman.socket

or sudo podman system service –time=0


To point k3d at the right Docker socket, create a symbolic link:

```bash sudo ln -s /run/podman/podman.sock /var/run/docker.sock

or install your system podman-docker if available

sudo k3d cluster create ```

Alternatively, set DOCKER_HOST when running k3d:

bash export DOCKER_HOST=unix:///run/podman/podman.sock export DOCKER_SOCK=/run/podman/podman.sock sudo --preserve-env=DOCKER_HOST --preserve-env=DOCKER_SOCK k3d cluster create

Using rootless Podman

Ensure the Podman user socket is available:

```bash systemctl –user enable –now podman.socket

or podman system service –time=0


Set DOCKER_HOST when running k3d:

bash XDG_RUNTIME_DIR=${XDG_RUNTIME_DIR:-/run/user/$(id -u)} export DOCKER_HOST=unix://$XDG_RUNTIME_DIR/podman/podman.sock export DOCKER_SOCK=$XDG_RUNTIME_DIR/podman/podman.sock k3d cluster create

Using cgroup (v2)

By default, a non-root user can only get memory controller and pids controller to be delegated.

To run properly we need to enable CPU, CPUSET, and I/O delegation

Make sure you’re running cgroup v2

If /sys/fs/cgroup/cgroup.controllers is present on your system, you are using v2, otherwise you are using v1.

bash mkdir -p /etc/systemd/system/user@.service.d cat > /etc/systemd/system/user@.service.d/delegate.conf <<EOF [Service] Delegate=cpu cpuset io memory pids EOF systemctl daemon-reload


Using remote Podman

Start Podman on the remote host, and then set DOCKER_HOST when running k3d:

export DOCKER_HOST=ssh://username@hostname export DOCKER_SOCK=/run/user/1000/podman/podman.sock k3d cluster create

Creating local registries

Because Podman does not have a default “bridge” network, you have to specify a network using the --default-network flag when creating a local registry:

bash k3d registry create --default-network podman mycluster-registry

To use this registry with a cluster, pass the --registry-use flag:

bash k3d cluster create --registry-use mycluster-registry mycluster

Incompatibility with --registry-create

Because --registry-create assumes the default network to be “bridge”, avoid --registry-create when using Podman. Instead, always create a registry before creating a cluster.

Missing cpuset cgroup controller

If you experince an error regarding missing cpuset cgroup controller, ensure the user unit xdg-document-portal.service is disabled by running systemctl --user stop xdg-document-portal.service. See this issue

Last update: June 15, 2022
Back to top