Sunday, October 17, 2021

Podman: Alias Docker or Bitter Rival?

What is Podman?

Containerization is undoubtedly a game-changing technology. Today companies often prefer cloud-native applications running within containers with microservices. Docker has been the dominant player in the market since 2013, yet strong alternatives continue to emerge. Podman is a daemon-less container engine. It allows you to develop, manage, and run Open Container Initiative (OCI) containers and container images on your Linux system. Put simply, OCI is an open governance project (initiated by Docker in 2015) to establish open-source industry standards for container formats and runtimes. Podman manages not only containers but also the entire container ecosystem, including container images, container volumes, and even pods, through the libpod library. A tiny tip: Podman’s full name is “pod manager tool”, which comes from pods in Kubernetes.

Podman vs. Docker

To understand Podman and its innovations, we need Docker's terminology, which is well known in the market. The most important innovation Podman brings is that it works with runC container runtime processes in the Linux kernel without a daemon process. This architecture makes Podman a more lightweight container engine and also eliminates several security risks. Docker's daemon process can become a single point of failure, meaning that an error in it can terminate the entire system.

Docker performs all commands through the Docker daemon.
Docker Architecture

Security vulnerabilities might also occur during the creation of containers. Root privilege is required when the client and the daemon process communicate. Thus, mounting the daemon's socket into a container means giving that container root privileges on the host. Podman, on the other hand, has a command set similar to the Docker CLI and can perform all of these operations, including image builds, rootless, because it is daemon-less and uses user namespaces.
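How user namespaces make rootless operation possible, as an added example that is not part of the original article: the kernel exposes each namespace's UID mapping in /proc/<pid>/uid_map, and the script below translates a UID inside a container to the host UID it really runs as. Both sample maps are constructed; the host UID 1000 and the subordinate range starting at 100000 are assumed values typical of a rootless setup.

```shell
#!/bin/sh
# Added example. uid_map lines have the kernel format:
#   <first UID inside namespace> <first UID on host> <length of range>

# map_uid <uid-inside-namespace> <uid_map-file>
# Prints the host UID, or "unmapped" if no range covers the given UID.
map_uid() {
    awk -v uid="$1" '
        uid >= $1 && uid < $1 + $3 { print $2 + (uid - $1); found = 1; exit }
        END { if (!found) print "unmapped" }
    ' "$2"
}

# root_is_host_root <uid_map-file>
# Exit status 0 when UID 0 in the namespace is UID 0 on the host,
# i.e. a process that is root in the container is real root.
root_is_host_root() {
    [ "$(map_uid 0 "$1")" = "0" ]
}

# Constructed sample maps (not captured from a real system).
# Rootless: the invoking user (assumed UID 1000) appears as root inside,
# and an assumed subordinate range at 100000 backs UIDs 1..65536.
ROOTLESS_MAP=$(mktemp)
printf '0 1000 1\n1 100000 65536\n' > "$ROOTLESS_MAP"
# Rootful: identity mapping, as seen in the host's initial namespace.
ROOTFUL_MAP=$(mktemp)
printf '0 0 4294967295\n' > "$ROOTFUL_MAP"
trap 'rm -f "$ROOTLESS_MAP" "$ROOTFUL_MAP"' EXIT

for f in "$ROOTLESS_MAP" "$ROOTFUL_MAP"; do
    if root_is_host_root "$f"; then
        echo "container root = host root (uid 0)"
    else
        echo "container root = host uid $(map_uid 0 "$f") (unprivileged)"
    fi
done
```

On a real host, pass the /proc/<pid>/uid_map file of a container process as the second argument to map_uid instead of the sample files.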

Let’s briefly touch on other differences between Podman and Docker.

  • Docker stores images locally, while Podman allows you to store images and containers on different platforms
  • Docker uses a client-server architecture to run containers, whereas Podman uses the traditional fork-exec model
  • One extra feature of Podman is that you can quickly move the images you create to the Kubernetes environment
  • In addition to private registries, Podman can pull images from repositories such as Docker Hub and Quay.io
Podman works with runC container runtime processes in the Linux kernel without a daemon process.
Podman Flow

Getting Started with Podman

Podman is a tool for running Linux containers. However, you can use it on both macOS and Windows desktops as long as you have access to a virtual machine on the host or a Linux box available on the network. You need to install the remote client and then set the SSH connection information. Podman can also run in the Windows Subsystem for Linux (WSL) with a small amount of configuration.

When it comes to Linux, you can easily install Podman on numerous Linux distros. I want to briefly show you how to install it on an Amazon EC2 instance. The commands required to install Podman are as follows.

sudo curl -L -o /etc/yum.repos.d/devel:kubic:libcontainers:stable.repo https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/CentOS_7/devel:kubic:libcontainers:stable.repo
sudo yum -y install yum-plugin-copr
sudo yum -y copr enable lsm5/container-selinux
sudo yum -y install podman

To verify that Podman was installed successfully, you can check the version of the Podman CLI.

podman version
Mustafa Gonen
DevOps engineer who helps companies balance their needs throughout the software development life cycle, from coding and deployment to maintenance and updates, through automation. He believes in the beauty of diversity. Working in DevOps culture and being a part of this harmony makes him highly motivated and satisfied.
