Podman: Difference between revisions
No edit summary |
No edit summary |
||
| (5 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
== Introduction == | |||
Podman is an alternative to Docker for running containers on Linux. It is similar to Docker in many respects, but differs in some key areas: | Podman is an alternative to Docker for running containers on Linux. It is similar to Docker in many respects, but differs in some key areas: | ||
* Doesn't require root privileges by default | * Doesn't require root privileges by default | ||
* Containers can continue running when Podman is stopped | |||
* Upgrading Podman doesn't stop all containers (unlike upgrading Docker) | |||
== Naming changes == | |||
* Podman refers to layers as blobs | |||
== Traps for the unwary == | |||
* Installing the podman package on Ubuntu doesn't include compose - you have to install podman-compose as well | |||
* Short image names are not supported by default - you have to convert them (e.g. mariadb:10.11 becomes docker.io/mariadb:10.11) | |||
* Rootless by default means you cannot forward ports from the container to a privileged port (below 1024) on the host (you can run software within the container on privileged ports) | |||
== Container orchestrators == | == Container orchestrators == | ||
| Line 26: | Line 40: | ||
== Container runtimes == | == Container runtimes == | ||
A container runtime is the interface between the kernel and the containerised application. | A container runtime is the interface between the kernel and the containerised application. A container engine will usually support multiple container runtimes. | ||
Latest revision as of 17:43, 29 August 2025
Introduction
Podman is an alternative to Docker for running containers on Linux. It is similar to Docker in many respects, but differs in some key areas:
- Doesn't require root privileges by default
- Containers can continue running when Podman is stopped
- Upgrading Podman doesn't stop all containers (unlike upgrading Docker)
Naming changes
- Podman refers to layers as blobs
Traps for the unwary
- Installing the podman package on Ubuntu doesn't include compose - you have to install podman-compose as well
- Short image names are not supported by default - you have to convert them (e.g. mariadb:10.11 becomes docker.io/mariadb:10.11)
- Rootless by default means you cannot forward ports from the container to a privileged port (below 1024) on the host (you can run software within the container on privileged ports)
Container orchestrators
A container orchestrator performs orchestration, i.e. the management of containers across nodes (which may be across different machines). For example, if you have two web nodes (with a load balancer) and a database node, your orchestrator will ensure that all the nodes are configured and can talk to each other as needed.
Orchestrators include:
- Kubernetes
- Apache Mesos
- Docker Swarm
Orchestrators are generally not compatible with each other(?)
Container engines
A container engine configures applications to run on nodes. These are what you will typically interact with during development.
Engines include:
- Docker
- Podman
Container runtimes
A container runtime is the interface between the kernel and the containerised application. A container engine will usually support multiple container runtimes.