Podman is a lot like Docker: a tool for running OCI containers. While it maintains backwards compatibility with Dockerfile and docker-compose syntax, it offers a lot of other benefits:
- daemonless: it can run containers without a daemon process running in the background.
- Rootless: can run containers without root privileges
- pods: can group containers into secluded pods, which share resources and network namespace
Podman has other features I haven’t explored yet, like compatibility with Kubernetes yaml file, and being able to run containers as systemd units.
Have you used podman before? What are your thoughts on it?
We are trying to use podman as a way to run Testcontainers and build images on a kubernetes cluster using Gitlab CI. Building works, but running Testcontainers doesn’t so far :(
Yes but imo it’s easier and nicer to integrate Podman into an existing build, for example with maven
You typically don’t use podman to build images and you would instead use something like buildah.
We are using the kubernetes executor. You can add additional sidecar services for your jobs, and we’re using that mechanic to run podman as a daemon. There are some gotchas I had to solve if I remember, but now it works nicely for us. Except for Testcontainers, which throws an exception when your Testcontainer is exposing ports
I got it all working on self hosted kubernetes and crossplatform builds with buildah. What’s your problem exactly? For TC you need to use some env vars to configure ports in .gitlabci
It’s pretty cool. I yeeted docker and now use podman instead.
Ive been using podman on my nas, and i like it.
It has its issues, but knowing your containers dont run as root just makes me feel more at ease. I dont really understand why a docker should run as root, if the software in the container often run as their own user…
Using it on multiple servers and in small scale prod deployment. Works like a charm.
podman-compose is also usable although noticeably unfinished.
I tried a couple of times to get Docker running rootlessly on my local machine, without just granting root-like permissions to the user. Spent a few hours reading just the worst documentation that tells you to do things with absolutely no explanation of why, feeling like an idiot.
Then I installed Podman. It worked more-or-less out of the box, and I got on with the rest of my project.
