Let’s walk through what Podman is and how to use it as a Docker alternative on Linux. Expect a straightforward guide on installing Podman, running containers with it, and understanding the basics.
Serious question: I’ve been running rootless Docker since it became possible. In what way is it limited compared to using Podman?
Nothing really critical.
Differences from where I’m at
- docker doesn’t have native systemd integration (“quadlets”)
- docker needs a daemon running
- podman has pods (like kubernetes) which are great for isolation of complex services
- you can run podman containers with kubernetes yaml
Oh, and I’ve found SELinux easier to handle with podman, but that might be just more experience now.
Apart from the other comment: rootless podman is easier to set up (there’s basically no set up needed).
Docker compose is so nice though
You can use docker compose with podman, or use podman compose.
Yeah, compose has been an open standard for a while now, that’s why docker started* pushing you to rename your files to `compose.yaml` rather than `docker-compose.yaml`.
That’s really cool of docker to do
If you need a collection of containers run it as a k8s pod.
Trying to do a small thing in k3s is super simple. Trying to do a big thing in docker compose is awful.
I’m confused at all these comments saying podman is hard to use, I used it a bunch last year and found it a drop in replacement for docker (though I didn’t set it up).
Different==hard
I just set up a server running CentOS that has podman preinstalled and I couldn’t get it to work without installing additional packages and following guides.
It’s not. I mean you could use podman compose but it’s no longer developed.
It’s not being developed? From their repo it looks like it’s still being worked on.
podman missed the chance to grow, by making it very difficult to configure and use it. The way quadlets work is just such a struggle, if you have been using compose for years. And no, I don’t want to use podman compose, as I can just use rootless docker instead.
> The way quadlets work is just such a struggle, if you have been using compose for years
Learning new things is hard, sure, but quadlets are not that complex. Take a few hours to sit down and read through the manual or a tutorial, and you’ll find they’re easier to maintain, write, and deploy.
Hot take: Docker compose is poorly designed, and very little thought went into the deployment side. It only ‘won’ because it was there first, and bad habits are tough to break.
Fully agree with the compose part, as it has some weird shit in it, too. I gave podman with quadlets many chances and after a while, I always switched back to docker for some reason
Docker Compose works great with Podman.
It supposedly does. But why should I use podman then?
Native system packages and more features as well.
Okay, now I am curious. Can you please explain what exactly you mean? Like, what do you mean by “Native system packages”? And what features would you miss with docker? Thanks!
Sure! Docker CE needs you to add their own repo for deb or RPM based distros. Podman is available on all of the big distros main repos.
The biggest feature to me is this one https://docs.podman.io/en/latest/markdown/podman-kube.1.html
Podman and docker are good getting started with container steps (nerdctl is also awesome), but just a starting point with k8s being the goal for almost every service and job deployment to me.
The main reasons for me are security, reliability, and one less daemon. But you do you.
Docker works. Podman requires a ton of workarounds and wastes my time. I hope it gets good one day, but I’m not reverting to using systemd to manage containers.
You sound like you work at us-east-1
I know this is a joke. But the reason I cannot have podman is because the tooling for us-east-1 will simply not work with podman (on my pc).
I am struggling to access a smb server with podman. I have it mounted on the host using fstab, but many podman containers refuse to access with permission issues, even setting uid:gid to 1000:1000 and giving ownership with unshare.
Any hint? I know there’s not much detail, but I think I’m missing something fundamental
Could be an SELinux issue. Look up mounting with the :z/:Z option.
Tried that :(.
Seems to be something about the smb share itself, because if I point to a folder on the drive it works, only fails when it’s a mounted samba share.
I’ll need to make a post with all the details, thanks in any case!
Check out this blog post which details how uids work within rootless containers. It’s useful troubleshooting knowledge to have.
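Added example, not part of the thread or the linked blog post: a small translator for the rootless UID mapping discussed above, showing why setting uid:gid to 1000:1000 inside a rootless container does not give the process host UID 1000. The sample map is constructed and assumes host UID 1000 with an `/etc/subuid` range of 100000:65536; the function names are illustrative.

```python
"""Translate UIDs across a rootless container's user namespace (added example)."""

# Constructed sample in /proc/<pid>/uid_map format: inside_start outside_start length.
# Assumes host user UID 1000 with an /etc/subuid range of 100000:65536; the real
# map for your user is printed by `podman unshare cat /proc/self/uid_map`.
SAMPLE_UID_MAP = """\
         0       1000          1
         1     100000      65536
"""

OVERFLOW_UID = 65534  # kernel default shown for IDs with no mapping ("nobody")


def parse_uid_map(text):
    """Return a list of (inside_start, outside_start, length) tuples."""
    extents = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if len(fields) != 3:
            raise ValueError(f"malformed uid_map line: {line!r}")
        extents.append(tuple(int(f) for f in fields))
    return extents


def to_host(extents, container_uid):
    """Host UID that a process with container_uid really runs as, or None."""
    for inside, outside, length in extents:
        if inside <= container_uid < inside + length:
            return outside + (container_uid - inside)
    return None


def to_container(extents, host_uid):
    """UID a host-owned file appears to have inside the namespace."""
    for inside, outside, length in extents:
        if outside <= host_uid < outside + length:
            return inside + (host_uid - outside)
    return OVERFLOW_UID


if __name__ == "__main__":
    m = parse_uid_map(SAMPLE_UID_MAP)
    print("container uid 1000 runs on the host as", to_host(m, 1000))
    print("files owned by host uid 1000 appear inside as uid", to_container(m, 1000))
    print("files owned by host root appear inside as uid", to_container(m, 0))
```

With this map, a share whose files are owned by host UID 1000 is seen as root-owned inside the container, while a container process running as 1000 is an unrelated host UID.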







