WebSphere Application Server & Liberty

 View Only

Lessons from the field #35: Running containers in a VM

By Kevin Grigorenko posted Tue November 21, 2023 08:00 AM


As people move towards container platforms such as Kubernetes and Red Hat OpenShift, a useful intermediate step is to run containers in virtual machines. This allows for testing containers in existing environments by replacing existing processes or running side-by-side. In addition to testing out how containers work, this also allows you to try out container-based technologies such as WebSphere Liberty InstantOn for blazing fast startup times.

One simple way to run containers in VMs is to use podman and podman-systemd. This article will demonstrate an example of how to use podman to run containers in VMs. Note that some features may require a recent version of the Linux kernel.

Install Podman

Podman is available in most recent Linux distributions and may be installed using built-in repositories. In this example, I'm using Ubuntu-22.04 on Windows using the Windows Subsystem for Linux version 2 (WSL2):

> wsl --install -d Ubuntu-22.04
... follow the installation steps ...
$ sudo apt-get update && sudo DEBIAN_FRONTEND=noninteractive TZ=${TZ:-UTC} apt-get -y install podman

Other distributions will look similar; for examples:

  • Modern Fedora/RHEL/etc.:
    sudo dnf install -y podman
  • Older Fedora/RHEL/CentOS:
    sudo yum install -y podman
  • SUSE:
    sudo zypper install podman
  • Alpine:
    sudo apk update && sudo apk add podman

Verify Podman

Verify that podman installed successfully by running the hello-world container:

$ podman run --rm hello-world
!... Hello Podman World ...!

The --rm option simply means to delete the container after it completes.

Running a WebSphere Liberty container

Next, let's verify we can run a simple web application and expose and access the HTTP port. We'll use a WebSphere Liberty container without an application but with the default landing page:

$ podman run --rm -p 8080:9080 icr.io/appcafe/websphere-liberty
[AUDIT   ] CWWKF0011I: The defaultServer server is ready to run a smarter planet. The defaultServer server started in 5.425 seconds.

The -p option is the key option to expose the container to incoming traffic. The option is the local port in the VM which will be listening and the container port that the traffic will be proxied to. In this example, WebSphere Liberty is, by default, configured to listen on port 9080, but I wanted to access it on my VM through port 8080.

Once you see the CWWKF0011I message, try to access the page at your VM's host; in my case, http://localhost:8080/. If everything works, you should see the default landing page:

Now go back to the running container window and press Ctrl^C to end the container.

Auto-starting a container

A key requirement in VMs is to auto-start processes on boot. The podman systemd support since podman 4.4 offers this support through systemd; however, since I'm on the older 3.4 version of podman, I'll be using the podman generate systemd command which is similar though a bit more manual:

$ podman create --name websphereliberty icr.io/appcafe/websphere-liberty
$ podman generate systemd --restart-policy=always --new websphereliberty | sudo tee /etc/systemd/system/websphereliberty.service

Before starting the service, edit /etc/systemd/system/websphereliberty.service and add in our port option from above; for example:

ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm -p 8080:9080 --sdnotify=conmon -d --replace --name websphereliberty icr.io/appcafe/websphere-liberty

Reload systemd configuration:

sudo systemctl daemon-reload

Start the service:

sudo systemctl start websphereliberty

Check that you can access the application on port 8080 again.

Finally, enable the service to start on boot:

sudo systemctl enable websphereliberty


In conclusion, consider exploring running containers in your existing VM environments either to prepare for moving to the container orchestration platforms and/or to get some of the benefits of containers in your current environment. For details on how to build containerized applications with WebSphere Liberty, see the documentation and guides.