Understanding Podman Coming from Docker
This is going to be a bit of a ranty post, but engineers are good at that kind of thing. So here goes.
A bit of Background
I started my devops career learning about docker and docker-compose. I enjoyed the elegance of being able to write a file of what services I want in a yaml file and bring the entire thing up. Very very easy to rapidly deploy something for testing and into my own production. Use this image, on this port, here’s where to store your data and you can connect to this database. A simple compose file could look like this.
    services:
      memos:
        container_name: memos
        image: neosmemo/memos:stable
        ports:
          - 5230:5230
        volumes:
          - ./memos/:/var/opt/memos
        restart: unless-stopped
Download and run this webapp called memos, use port 5230, store your data in a directory called memos. Restart if anything crashes until I tell the daemon to stop it. Very easy to understand and follow along!
Docker has a few cons
Docker has a few pain points however. The biggest one being that it runs a centralized daemon and if you need to update docker, e.g. a security update is released well… all of your services have to come down for a moment while the patch is applied. That kind of sucks in terms of maintaining stable services and if you have your server set to automatically apply updates (remember automation is good!) who knows when your stuff can go down.
Docker also doesn’t come in the default Debian/Ubuntu repositories. You have to install it from a third party repo. This isn’t that big of a deal but the additional configuration is just something you have to remember when setting up a new test environment instead of a simple apt install docker.
Lastly docker does support a rootless mode, though it has some limitations. This leads me to my search for alternatives, wondering if there might be something better out there.
Enter Podman
So I decided to examine podman. I wanted to find a way to follow my same workflow (or as close as possible) while using this different implementation of containerization. It addresses my concerns: it comes default in the repos, it natively supports rootless without any monkeying around, and it is daemonless! Sounds good right? Not exactly.
Podman-Compose
Okay so as it turns out someone thought of this already! A Python program to implement the same thing as docker compose except through podman as your backend. Perfect! Except… every time I try to run a stack I get Python errors and crashes… unless I run it as sudo! So much for trying to escape the need for root there. I've tried testing it with a simple deployment of bookstack with a backend mariadb. Never works right! I don't think it properly creates the environment variables defined in the yaml file. So really what's the point of fighting this? Next!
Podman generate/play
So I start searching around to see if there's a more native implementation of compose-like files with podman and I find this Red Hat article! Written by the people who made the damn thing, I expected a nice outline of how to do this. Holy shit was I mistaken reading this:
https://www.redhat.com/en/blog/compose-podman-pods
This is about as clear as mud. Basically the idea of podman-compose is still being worked out in their development. (To be fair, this might have changed in the 5 years since this article was written.) But they continue with the concept of podman "pods" and the command "podman generate", which will create a kubernetes style yaml file of what you've already created.
Well that’s nice but it seems completely ass backwards from what I’m needing here.
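For comparison, here is the memos service from the compose file above written by hand in the same kubernetes style yaml that "podman generate" emits. This is an added example, not from the original post or the Red Hat article; the file name, the volume name and the absolute host path are assumptions, and restartPolicy: Always is used as the closest match to "unless-stopped".

```yaml
# memos.yaml -- added example, not part of the original post.
# Start as a regular user:  podman kube play memos.yaml
# Tear down:                podman kube play --down memos.yaml
# (older Podman releases spell the command "podman play kube")
apiVersion: v1
kind: Pod
metadata:
  name: memos
spec:
  # Kubernetes only offers Always / OnFailure / Never;
  # Always is the nearest equivalent of compose's "unless-stopped".
  restartPolicy: Always
  containers:
    - name: memos
      # Fully qualified image name so no registry prompt is needed.
      image: docker.io/neosmemo/memos:stable
      ports:
        # Equivalent of "5230:5230"; an unprivileged port,
        # so publishing it does not require root.
        - containerPort: 5230
          hostPort: 5230
      volumeMounts:
        - name: memos-data
          mountPath: /var/opt/memos
  volumes:
    - name: memos-data
      hostPath:
        # Placeholder path (assumption): replace with the absolute
        # location of your ./memos directory.
        path: /home/youruser/memos
        type: DirectoryOrCreate
```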
It seems I’m not the only one who’s had a negative experience:
I could continue trying to make this work, but at this point it seems like I'm fighting a fairly pointless battle. Yeah it's daemonless, but my workflow isn't compatible exactly. I could try systemd integration but that's something I already barely tolerate as it is. I don't see the point of continuing to fight this when docker already is perfectly functional as it is with a few minor nags.
Maybe someday Podman will be able to compete better on this front but for right now, it’s not for me!
Supplemental: Looks like the activitypub post botched the reddit comment embed above. You can view it directly here: https://www.reddit.com/r/podman/comments/1bk4nee/comment/kvvnxed/
or view the blogpost directly at: https://blog.theheart.land/understanding-podman-coming-from-docker/
