I would love to hear everyone’s opinion.
No love for kubernetes?
I think k8s is a different beast, that requires way more domain specific knowledge besides server/Linux basic administration. I do run it, but it’s an evolution of a need, specifically when you want to manage a fleet of machines running containers.
Even then, there’s dockerswarm.rocks (linking directly to tutorial to show how easy it is!)
Kubernetes? I’ve never even seen her netes.
New Lemmy Post: Docker or podman? (https://lemmy.world/post/13073444)
Tagging: #SelfHosted(Replying in the OP of this thread (NOT THIS BOT!) will appear as a comment in the lemmy discussion.)
I am a FOSS bot. Check my README: https://github.com/db0/lemmy-tagginator/blob/main/README.md
I would say Docker. There is no substantial benefit in running podman, while docker is a widely adopted tool (which means more tooling in the ecosystem, easier to find answers to questions etc.). The difference is not huge tbh, and some time ago the biggest advantage for podman was being able to run rootless, while docker was stuck with a root daemon. This is not the case anymore (docker can run rootless), so I would say unless you have some specific argument to use podman, stick with docker.
If you don’t have strong opinions one way or the other, then docker is the easy answer. Way, way more widespread, which generally tends to mean better docs, more guides and examples, more tooling and open-source support…
I would say podman by default. It has a better security architecture as it can run rootless.
However there are small differences from Docker so you may need use Docker if you are trying to run third-party services that rely on these differences.
Docker can run rootless too, see https://docs.docker.com/engine/security/rootless/
Whichever one you want.
It depends on what you want. Do you want containers that don’t blow away your firewall? Podman is nice, but docker can be configured a little to avoid this. Want things that autostart and don’t have issues with entry points that attempt to play with permissions/users? Docker or podman as root is necessary. Want reasonable compose support? Podman now needs a daemon/socket. Want to make build containers and not deal with permission/user remapping at all? Podman is really nice.
Do not attempt to use podman-compose. That app is dead.
Unfortunately if you want to make tools that will be used by other people then you must add docker support. It just owns too much of the market.
is podman-compose really dead? Their github page looks active at a glance. The tooling is so similar, I use podman for local testing, and deploy to docker, but I’ve also done the reverse. As long as your not using really exotic parameters its really just a drop in replacement, I’ve even used GPU passthrough for AI project no problem in both docker and podman. At the end of the day, they’re just slightly different frontends for the same backend.
As far as docker support, its often as simple as just providing a Dockerfile, which is basically the same thing as your build scripts. These days I’ve often used the Dockerfile INSTEAD of the readme to find help compiling some projects.
It was dead however long ago when I submitted a PR. Still unmerged with no activity on the request so I just never went back to check.
It’s good to hear that they are working on it again though, if that is the case.
Piggybacking on this… what’s the quickest way to deploy a docker container in Kubernetes short of having to hand create the deployment yaml? Or is that it, having to create one from scratch.
If you run it in podman, podman can export into a kubernete file, but its been a long time since I’ve tried it though.
podman kube generate $CONTAINERNAMEYou have a bunch of options:
kubectl run $NAME --image=$IMAGEthis just creates a pod running the specific image. If you kill the pod, or it terminates, it won’t be run again. In general though, you probably want to do some customization before running (maybe you need volumes, secrets, env, ports, labels, securityContext, etc.) and for that you can simply let kubectl generate the boilerplate YAML and then simply make some edit:
kubectl run $NAME --image=$IMAGE --dry-run=client -o yaml > mypod.yaml # edit mypod.yaml kubectl create -f mypod.yamlYou can do the same with a
deploymentorstatefulset:kubectl create deployment $NAME -n $NAMESPACE [...] --dry-run=client -o yaml > deployment.yamlIn case you don’t need anything fancy, the
kubectl createsubcommand allows you to create simple workload, so probably that’s the answer to your question.You rock! Yeah I just wanted to run the image first before building out the whole framework around it. This is what I was looking for.
Podman is significantly better if you want to leverage the Systemd integration it has out of the box.
But if you just want to run existing docker-compose scripts then Docker is easier.
If you’re just starting out and have never used containers before start with regular (rootful) docker. It’s a much simpler mechanism to understand for a beginner and has more widespread support and documentation.
Once you understand containers and have used them for a few months you can start going down the rabbit hole, there’s no shortage of technologies to explore.
Or, if you’re only interested in self-hosting as a hobby and docker does what you need, you can also stop there. Not everybody needs a deep dive into technology.
I like podman more because people told me it was better and it just worked for me :P
I use podman with the podman-docker compatibility layer and native docker-compose. Podman + podman-docker is a drop-in replacement for actual docker. You can run all the regular docker commands and it will work. If you run it as rootful, it behaves in exactly the same way. Docker-compose will work right on top of it.
I prefer this over native Docker because I get the best of both worlds. All the tutorials and guides for Docker work just fine, but at the same time I can explore Podman’s rootless containers. Plus I enjoy it’s integration with Cockpit.
Honestly I use docker because by now I know docker and basically everything has support for it…
Podman. This is the way.
I personally prefer podman, due to its rootless mode being “more default” than in docker (rootless docker works, but it’s basically an afterthought).
That being said: there’s just so many tutorials, tools and other resources that assume docker by default that starting with docker is definitely the less cumbersome approach. It’s not that podman is signficantly harder or has many big differences, but all the tutorials are basically written with docker as the first target in mind.
In my homelab the progression was docker -> rootless docker -> podman and the last step isn’t fully done yet, so I’m currently running a mix of rootless docker and podman.
