Podman

November 2, 2021


Docker has pushed containerization to the masses, and for that it deserves a big thanks! But there are already new possibilities. Due to some of the drawbacks of Docker, some companies and services are switching to Podman, which is equivalent to Docker. What are the differences from Docker, and how do you switch to Podman?

Podman is a newer solution and an alternative to Docker. Podman, like Docker, is a tool for creating, managing and running containers. It is a solution designed for Linux. Podman is largely compatible with Docker. One of the differences is that the developers of Podman put a lot of emphasis on security.


If you're getting started with containers, you're probably interested in Docker; in that case, read the article How to get started with Docker.
If you are moving from Docker to Podman, you can set up an alias and simply call Podman instead of Docker. Use the following command in the console to set up the alias:

    alias docker=podman
Thanks to compatibility, you can switch from Docker to Podman very easily.

Differences between Podman and Docker

Despite being a technology for the same use case, and Podman being developed to be compatible with Docker, there are differences. After all, the differences are what bring advantages and possibly various barriers to use.

How Podman differs from Docker:
  • Podman is a rootless technology. This means that it does not need root superuser permissions to run.
  • Noexec works: you can mount a filesystem so that files on it cannot be executed.
  • "restart always" doesn't work, so you have to solve it differently.
  • The container will not keep a connection with the ssh server. I haven't figured out what it is or found more information on it.

When someone using Docker needed to control it with some other tool, they would set up a socket that could be used to communicate with the Docker daemon and control everything about Docker. This is a security risk because Docker runs under root. Podman doesn't run under the root superuser, so that risk is not there and Podman is therefore more secure.
It also implies that under Podman you cannot run a container on port 80 or other ports lower than 1024. These are the ports reserved for the root superuser. The solution is to modify the system configuration, or, more simply, to run containers on ports higher than 1024.
Podman allows you to generate a YAML configuration to run in Kubernetes. Podman honors the system configuration, so, for example, containers inherit the settings of the attached filesystem. If a filesystem is mounted with the noexec (no execute) option, you no longer need to pass an extra parameter to configure the Podman container; Podman will mount the given directory with the same configuration.
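A preflight check for the two host settings described above, as an added example that is not from the original article: whether a rootless container can use a given port, and whether a host directory sits on a noexec filesystem. It assumes the Linux sysctl `net.ipv4.ip_unprivileged_port_start` (default 1024) is the system setting that controls the low-port limit; the function names and the sample mount table are constructed for illustration.

```shell
# Added example: preflight checks before a rootless Podman run.
# Function names and the sample mount table are constructed for illustration.

# Lowest port an unprivileged user may bind (kernel default: 1024).
unpriv_port_start() {
    cat /proc/sys/net/ipv4/ip_unprivileged_port_start 2>/dev/null || echo 1024
}

# port_ok PORT [START]: succeeds if a rootless container can use PORT.
port_ok() {
    [ "$1" -ge "${2:-$(unpriv_port_start)}" ]
}

# mount_opts PATH [MOUNTS_FILE]: print the mount options of the filesystem
# holding PATH, picked by longest matching mount point (/proc/mounts format).
mount_opts() {
    awk -v p="$1" '
        $2 == "/" || p == $2 || index(p, $2 "/") == 1 {
            if (length($2) >= best) { best = length($2); opts = $4 }
        }
        END { print opts }' "${2:-/proc/mounts}"
}

# is_noexec PATH [MOUNTS_FILE]: succeeds if that filesystem is mounted noexec.
is_noexec() {
    case ",$(mount_opts "$@")," in *,noexec,*) return 0 ;; esac
    return 1
}

# Constructed sample in /proc/mounts format (not taken from a real host).
sample_mounts() {
    cat <<'EOF'
/dev/sda1 / ext4 rw,relatime 0 0
/dev/sdb1 /srv/data ext4 rw,nosuid,nodev,noexec,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
EOF
}

# Demo on the constructed data, using the default threshold of 1024.
for port in 80 8080; do
    port_ok "$port" 1024 && echo "port $port: ok rootless" || echo "port $port: blocked"
done
for dir in /srv/data/app /tmp/build; do
    sample_mounts | is_noexec "$dir" - && echo "$dir: noexec" || echo "$dir: exec allowed"
done
```

On a real host, call `port_ok 80` and `is_noexec /path/to/volume` without the extra argument to read the live kernel setting and `/proc/mounts`.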

Testing Podman

The easiest way to try Podman is to use the Debian Linux distribution, version 11 at minimum. There, Podman is already part of the standard repository. In Debian, you install Podman with the command:

    apt-get install podman
Because of the similarities, anyone who has experience with Docker can then try Podman immediately.

Video Podman

In the video "Docker is dead, long live Podman", I give you some basic information about Podman technology and its differences from Docker, and show how to install Podman and how to use it for the first time.

Pods

Podman extends the concept of containers to include so-called pods - these are a set of containers that share system resources.

Start using containers

Docker and containers in general are buzzwords. They are often used automatically in projects, and sometimes badly. They aren't always needed, and in that case they are just an unnecessary extra hassle. However, when used in a meaningful way, containers can make your job significantly easier and thus save you time and money and prevent problems. They are ideal especially for local development, testing, experimentation or training. If you have never used containers before, I recommend you try them out and see for yourself whether and what they are good for.
If you are new to containers I am happy to offer a container consultation or training on the topic.
