Thread 107052615

Is podman mature enough to overtake docker?

>>107052615 (OP)
saar

>>107052615 (OP)
Yes

yes

No.

If you want to run a docker container of a project that tells you to run it as docker container... run it with docker.
There is no reason to take any gamble here.
If you yourself create something new, sure, use podman. But if you take something that already exists, use what it got made for.

The whole container-stuff is made for ease of deployment. It's all about being quick and easy. So keep it that way.

>>107052615 (OP)
differences being?

>>107052615 (OP)
https://github.com/containers/podman/blob/main/rootless.md

>>107052615 (OP)
I've used podman before and it was fine, but the containers I ran with it were all very simple so I had no issues.

podman has:
- quadlets (cool way to start containers with systemd)
- play kube (some sort of bridge between podman and k8s
- rootless ootb
- it does not need systemd dockerd process running at root priviledges in the background 24/7

docker is not entirely open source btw

It has already replaced Docker in all Kubernetes deployment. No one uses uses docker as a container runtime for that.
People say that Podman Compose is not as good as Docker's but I have never tested it myself.

I have asked at work why we not switch from docker to podman, they laughed

>>107052615 (OP)
>Is podman mature enough to overtake docker?
Yes. Obviously.

Will it overtake docker? No. Docker has become synonymous with "container." Most people don't realise that Docker are just building and maintaining containers. I've heard people say "oh, I use podman to run my dockers"

>>107052615 (OP)
Sure but everyone already uses Docker and Docker is good enough so I don't see many people switching to Podman even though it's a bit better.

if the FBI is not using Podman I won't too
https://github.com/fbicyber

Podman is already superior in every way. Only a retard is still using docker.

luke smith said docker and podman are retarded though

Podman can tongue my anus.

Why are there so many tools, who actually needs this.

>>107052615 (OP)
Is there a podman swarm? Like docker swarm?

docker is shit because it needs root
but both are shit because they dont work on BSD

>>107055213
Podman is supported on FreeBSD since last year.

>>107054679
Docker licensing is not very good for enterprises, so companies, especially Red Hat built tools around the specification to fill not only what Docker does but also the gaps to enable Kubernetes and other stuff.
Docker is the Ubuntu of containers, not the first and far from the best, but it is too popular and associated with the technology to not have a massive market share.

>>107054732
Yes, it's called Kubernetes.
Jokes aside, you can use nomad for it.

>>107052615 (OP)
I don't see why it wouldn't be from my own use of it. It's more useful, you can do much more rigorous uptime testing for VPN etc. it's very difficult to make Docker wait for VPN to be up before starting. The hacky solutions don't even work... With Podman because it's Quadlets and systemd etc you can call a bash script from the initialization of a particular service and it actually has access then to all the real system variables and shell.

>>107055514
First time I've heard an argument for podman besides 'I hate Docker just use cgroups noob' sentiments. Any time I've had Docker and networking dependencies I do wait-for-container and a validation container or status containers. Not emotionally tied to any tech here that's just what I've been using.

>>107053213
You can run Podman with root, can't you?

>>107055559
Are you able to share how this works? I wasn't ever able to get it to reliably work. Containers would always just end up starting before the VPN was ready, no matter what wait for directives I used. Maybe Gluetun just doesn't do what's needed for the tests to work as they should.

>>107052615 (OP)
Tbh it's hard to compare docker & podman.

At this point, podman is way better, and has more features, but docker has the image repository and is popular with npc code monkeys.


I share opinion of
>>107055400

>>107055588
Yes but why would you want that?

>>107055750
Why wouldn't you want that?

>>107055759
Because that is an exploit vector.
I bet you full disable SELINUX

>>107056172
Nobody is trying to access your hentai collection. It's not really worth doing if there's a slight inconvenience or issue somewhere IMO.

>>107052615 (OP)
I still have a ten line shell script that generates chroots from templates. I don't know why this needs some kind of framework or fancy software.

>>107056172
The original point of our replies is >>107053213
My intention was pointing out that those Podman drawbacks are eliminated by running it with the same privileges as Docker does.

>>107054212
containerization on the desktop is retarded though

>>107056748
>containerization on the desktop is retarded though
Reason? Jeet, I don't want all kinds of python versions on my mainsystem, what about older software for SLES/RHEL/Debian/Ubuntu??? Pro drivers in a docker container??? Preventing clutter... Dev env??? AI shit???

>>107056793
You're arguing against arguments made by "people" who don't actually get work done on Linux, they just mess around with it like a box of toys and rice anime desktops.

>>107055715
>podman is way better, and has more features
And what would those be?
You're asking for trouble if you rely on anything Docker doesn't support.
>>107055400
>Docker licensing is not very good for enterprises
Literally Apache licensed. Free and open source.

>>107052615 (OP)
tried switching some time ago
it was too much pain in the ass to make some of my compose files work properly
stayed with docker, fuck quadlets

>>107057026
Not embracing compose is the most retarded shit.
You can use the docker cli and connect to a podman socket, so you can run the official docker compose, but like what's the point, why not just install docker at that point.

hasnt it already? isnt docker literally just podman underneath?

>>107052615 (OP)
on paper i'd prefer it but the last time i looked at it you had to manually create systemd services and shit that docker would just do for you
docker has a lot of issues but it just werks

>>107057026
Why don't you like Quadlets? They're really good and make it easy to keep backups of your entire stack, edit them, etc.

default on steamdeck so i guess so

>>107056994
And what would those be?
>>107053506 sums it up. That said, kube play is hilariously unfinished, so it doesn't count.
>>107057089
You are thinking of containerd

>>107056994
Bootc and >>107059264
>>107053506
, for example.


What kind of trouble?
Docker isn't prod tool, it's a homelab and monkey thing. People use it in pipelines but as others told you the licensing and pricing are bad.

>>107052615 (OP)
on nixos it just works

>>107053538
>Podman Compose
It basically exists for legacy and integration
There's no reason to ever use it for a greenfields project
>>107053839
>Docker is good enough
Enjoy your firewall having its ass blown out with zero notification of that and random test services being completely exposed to the Internet on your root by default "container"
Docker gets glowies hard

>>107052665
>There is no reason to take any gamble here.
What gamble?
>runs podman iti didn't work
dang
>run docker it works
rolling those dice

>>107056244
post the script
>>107057866
how do you do backups of the entire stack in podman? In docker compose, I just bind local paths for config and data mounts and then backup the whole folder with the compose config, ezpz.

>>107055588
Yes but not by default and with more effort.
It's the complete opposite for docket

>>107060312
>by default
You can just login as root or use sudo.

>>107059264
yeah youre right
although podman and docker have api parity

>>107052615 (OP)
I switched to it on Fedora because docker refused to work. I just had to alias `podman` to `sudo podman` because by default it runs everything "rootless", meaning it downloads image data into your local home folder, and if you ever try to run an image with sudo it'll have to re-download the image. Not nice. Also, podman-compose is much worse than docker compose, it doesn't even seem to do variable interpolation right in some of my projects.

>>107059825
What else than compose should I use for running a bunch of containerized services locally to develop stuff?

>>107053506
>cool way to start containers with systemd
So compose but less intuitive?
>some sort of bridge between podman and k8s
Could be useful, I don't know much about it.
>rootless ootb
This is actually good. I wish docker containers were rootless by default. I have to manually hack them to make them rootless because I don't want processes to run as root on my own machine, and it's not allowed in our k8s cluster either.
>does not need systemd dockerd process running at root priviledges in the background 24/7
This is also good, but I won't trade it for a lack of compose compatibility.
>>107059315
>docker is not entirely open source btw
>the licensing and pricing are bad.
So which parts of Docker aren't open source? Don't say docker desktop because my head can't take any more smashing b a k a

>>107061637
>a bunch of containerized services
Quadlets. You put a .container file in /etc/containers/systemd/ and it will automatically generate a systemd service from it when systemd is reloaded, then you can just treat it like any other service.
https://docs.podman.io/en/latest/markdown/podman-systemd.unit.5.html

>>107052615 (OP)
Yes... But I hate containers.