Podman is a lot like Docker: a tool for running OCI containers. While it maintains backwards compatibility with Dockerfile and docker-compose syntax, it offers a lot of other benefits:
- daemonless: it can run containers without a daemon process running in the background.
- Rootless: can run containers without root privileges
- pods: can group containers into secluded pods, which share resources and network namespace
Podman has other features I haven’t explored yet, like compatibility with Kubernetes yaml file, and being able to run containers as systemd units.
Have you used podman before? What are your thoughts on it?
I was scrolling through and this caught my eye but I totally misread it on first glance, I thought you typed “Pokemon is a demon” and I had to stop and scroll back cuz I was like oh shit this is going to be a good thread.
You’re about 20 years late for that particular shitshow, but here’s a fun video retrospective on the war on Pokemon if that’s your thing.
I tried replacing some components of my NAS server that were on docker/docker-compose with podman but unfortunately it was not a 100% drop-in replacement. I had networking issues in podman that I did not have in docker.
The network stack is implemented quite differently in podman than in docker, once you start using more advanced features the backward compatibility disappears.
Since it came second, I think it has a lot of technical advantages, avoiding docker’s mistakes and what not. In the long term I’ll probably switch to it, unless Redhat keeps shooting itself in the foot…
I personally liked podman’s networking a lot more, but my issue is that it is not well documented. I hope that improves.
May I ask which networking issues you had?
I think one of the issues I had was trying to run pihole with podman on a raspberry pi. I could not get DNS requests to work by just mapping the right ports. I ended up just running with --net=host and it worked, I didn’t feel like debugging further.
I had other issues on my NAS but I don’t remember what it was, I have a lot of services on it, qBittorrent, Wireguard, Jellyfin, Jackett, netdata, prometheus, samba, syncthing, pihole (redundant), wsdd all in docker.
I exclusively use podman instead of docker at work and at home and haven’t encountered any unsolvable problems.
I tried a couple of times to get Docker running rootlessly on my local machine, without just granting root-like permissions to the user. Spent a few hours reading just the worst documentation that tells you to do things with absolutely no explanation of why, feeling like an idiot.
Then I installed Podman. It worked more-or-less out of the box, and I got on with the rest of my project.
Docker has rootless containers, too, although I think Podman has slightly better options for unprivileged uid management.
Daemonless is appealing, especially for low-powered servers. Getting rid of Docker’s background resource usage is the main reason Podman is on my to-do list.
I imagine pods could be handy to reduce network configuration for related services.
I like that the tools exist to make Podman a drop-in replacement for Docker, including the building of containers.
I have no interest in systemd; I hope it’s optional.
Docker has rootless containers, too, although I think Podman has slightly better options for unprivileged uid management.
I have not used Docker rootless, but I imagine podman has much better and more flexible network configuration as well?
On systemd, I actually do not use systemd either, hence why I said I never tried those features. It is not a hard requirement at all. Though I have not tried to use any integrations with OpenRC and podman
Works great. You can even make it pretend to be Docker so you can use the Docker commands.
It’s pretty cool. I yeeted docker and now use podman instead.
