ashirviskas 11 hours ago

Why podman and not Docker?

foresto 5 hours ago | parent | next [-]

I run rootless containers on a low-power system.

With Docker, I found rootless setup to be a PITA, despite having experience with unprivileged LXC containers. The manager daemon constantly consumed system resources even when no containers were running. Docker upgrades sometimes refused to run my containers until I chased down whatever storage driver problem they introduced in the latest version.

When the most recent upgrade broke my containers yet again, I decided to give Podman a try. Setup was a breeze. There is no management daemon wasting resources. My containers just worked. Even the little cron script I wrote to query Docker for pending image updates just worked with Podman tools.

I think Podman also makes it easy to map host uids to non-root container uids, which ought to help me reduce attack surface. (I haven't actually tried this feature yet.) Last time I checked, Docker did not.

So far, I couldn't be happier.

paulryanrogers 10 hours ago | parent | prev | next [-]

It's free? Can run rootless?

Vilian 10 hours ago | parent [-]

Better integration with systemd

TacticalCoder 9 hours ago | parent | prev [-]

That's funny. To me, one of the whole points of containers is that it's not systemd that's PID1.

Combine that with a distro like Talos, an immutable Linux distro that contains less than ten executables and where none of them is systemd and...

At long last containers and stuff like Talos show a path leading to, in a not-so-distant future, a world where we can be systemd and [ini]/Microsoft config files (from a Microsoft employee btw) free again.

AceJohnny2 3 hours ago | parent [-]

It's not about running systemd in the container (practically nothing does that, though I myself considered it for a multi-user ssh shell system), but making containers manageable under systemd alongside other units.

aragilar 2 hours ago | parent | prev | next [-]

It's got a more modern design while having a drop-in CLI interface to Docker (and also, if needed, a near-drop-in replacement for the Docker socket API). This makes it the preferred backend for tools like distrobox.

cowmix 8 hours ago | parent | prev | next [-]

On Snapdragon / ARM Windows, it is the only game in town -- and it works great too!

jrks11o 10 hours ago | parent | prev | next [-]

Docker Desktop licensing changes in 2021

scuff3d 7 hours ago | parent | prev | next [-]

It comes preinstalled on RHEL8 and I can't be bothered to swap them.

seemaze 10 hours ago | parent | prev | next [-]

It supports Kubernetes *.yaml manifests?

hdjrudni 4 hours ago | parent [-]

Is that a question or a statement? I'm running Kubernetes on Docker Desktop. But every few months Docker Desktop either outright craps out and forces me to wipe everything and rebuild my containers, or the latest annoyance is that it keeps giving me popups saying something something couldn't start Ubuntu... but then seems to work perfectly fine after skipping it 10 times.

2OEH8eoCRo0 10 hours ago | parent | prev [-]

Docker took too long to support cgroups v2