DEV Community

loading...

Podman The Docker Alternative

Mohamed El Bahja
A polyglot who prefers PHP and GO.
Updated on ・3 min read

I'm using Podman for almost a year now, and it's awesome. the interesting thing that many developers never heard of it!

What Is Podman?

Podman it is a container engine that is used for developing, managing, and running OCI containers, container images, and pods (groups of containers deployed together on the same host).

In short, It is an open source daemonless and rootless container engine which is developed by Redhat, when Podman was launched Redhat’s main ultimatum was to provide an alternative to the current popular container engine Docker, but you may wonder: Why should I switch to Podman?

In this article, I have compared Podman with Docker! why Podman is a better alternative to Docker?

Daemonless

First of all, if you are a Docker user, you know that Docker works through a daemon. If Docker daemon isn’t standing, you won’t get your container up.

Podman runs with the runC container runtime process, which runs directly on the Linux kernel, without the need for a daemon.

Instead of the daemon, Podman launches containers and pods as child processes, podman interacts with libpod, a library that allows other tools to manage pods and containers.

The Podman directly interacts with the image registry, container, image storage, and the Linux kernel. Whereas in Docker the single point of failure daemon does all the work by interacting as an agent with registries, images, containers, and the kernel.

Docker manages everything related to containers like network, storage, execution, etc by the same service, which can bring some disadvantages, since the more containers you use, the bigger and more complex the docker service becomes.

This is why Podman authors have decided to develop its tool without relying on a daemon, Podman does not need a "big fat daemon" to work. They have decentralized all the components necessary for container management and have individualized them into smaller components that will be used only when necessary. This decentralization offers a large number of advantages.

Rootless

One of the main benefits of using Podman is enhanced security. For starters, Containers under the control of Podman can either be run by root or by a non-privileged user, maintaining almost all functionality. This is a great advantage since you can run your containers with different users who have different privileges.

Podman also uses a traditional fork/execution model, as opposed to the client/server model that Docker uses.

Another advantage of Podman is that it is capable of using UID separation using namespaces, which provides an extra isolation layer when running your containers, Which presents Podman as a safer tool.

Easy to Migrate

When building Podman, Redhat made sure that Docker users could easily adapt. So all the flags and commands you are familiar with: pull, push, build, run, commit, tag, etc... all exist with Podman.

Migrating from Docker to Podman is very easy, it provides a Docker-compatible command-line front end that can simply alias the Docker CLI, using a command:

# just in case you forgot to type podman!
alias docker=podman

Note: before using alias command you should stop Docker first, and podman local repository path is /var/lib/containers based on OCI standards, instead of /var/lib/docker!

Podman supports Dockerfile and docker-compose.yml, but if you decided to immigrate you can rename Dockerfile to Containerfile and docker-compose.yml to container-compose.yml.

Image Management

Images created by Podman are compatible with other container management tools that adhere to OCI standard, and hence they can be pushed to other container registries like Docker Hub. Podman specializes in all of the commands and functions that help you to maintain and modify OCI container images, such as pulling and tagging. It allows you to create, run, and maintain those containers created from those images in a production environment.

Although Podman is able to build images very similarly to Docker with the Podman build command, the Redhat team also offers us another tool called Buildah and Skopeo, these tools are much faster and uses less disk space because of overlay storage driver.

Using Systemd

Podman’s fork and exec architecture allows you to use systemd features like sd notify, socket activation, and managing containers with service files. No daemons are used in the background for this purpose.

Conclusion

I hope you liked this article where we discussed What is Podman?, what are its advantages over Docker?, what do you think? Is Podman a better alternative to Docker? try it to see!

Discussion (5)

Collapse
aashish profile image
Aashish Chaubey 💥⚡️

Thanks, this is the first time I hear the name of Podman and this post of yours makes me try it!

Collapse
aashish profile image
Aashish Chaubey 💥⚡️

I had a very peculiar experience today.

I provisioned a Linux VM machine for me to run an application. The application was containerized and running well on my machine. I don't know for some reason it was failing on the remote. I tried various ways to mitigate it but to no avail. I was stupid not to check if right docker was installed there.

And when I finally check for the version in despair, I found podman was running on the machine and that is what caused the error. The first time I read about podman was from this post and hours later I had to encounter it in a very weird circumstance (what are the odds!).

Now I am curious, I did not install podman explicitly on the machine, how did it get installed automatically? Is it shipped by default with the RHEL servers now?

Collapse
dev0x0 profile image
Mohamed El Bahja Author

What a coincidence! Podman is developed by redhat it's installed by default on Fedora-CoreOS, and Fedora SilverBlue, I don't think it's installed by default on RHEL?

Thread Thread
aashish profile image
Aashish Chaubey 💥⚡️

Oh if it is developed by RedHat then it is their obligation to install as default on RHEL! Makes sense! So technically I used Podman even before knowing about it!

Thread Thread
dev0x0 profile image
Mohamed El Bahja Author

alias docker=podman 😅