Docker Vs Podman
Docker
As we know evolution of containerization started with the Docker where the daemon process manages the whole bunch of processes and became the most popular and widely used container management systems.
But! Do you think there is only one tool for containerization and there is no such much more effective way of containerization.
In this story , we can get answers for the questions like::
a) Why Docker?
b) Why we should not use docker?
c) Do we have any alternative for it ?
d) When can we use containers and images instead of docker images / docker containers ?
Let’s start with understanding docker first!
Docker is a software platform that allows you to build, test, and deploy applications quickly. Docker packages software into standardized units called containers that have everything the software needs to run including libraries, system tools, code, and runtime. Using Docker, you can quickly deploy and scale applications into any environment and know your code will run.
We can also assume docker container as VM upto some extent but hold on!
Unlike virtual machines where hardware is virtualized, In Docker, the containers running share the host OS kernel .
Docker Architecture:
Let’s understand the docker main components:
Docker Daemon: A constant background process that helps to manage/create Docker images, containers, networks, and storage volumes.
Docker Engine REST API: An API used by applications to interact with the Docker daemon; it can be accessed by an HTTP client.
Docker CLI: A Docker command line client for interacting with the Docker daemon or the Docker command.
There are certain issues as well with the docker:
- Security Concerns.
- for Docker operations all the steps needed to be run by root i.e. privilage escalation needed for containers.
- If any time the docker daemon fails , all the child processes comes into orphaned state.
- As Docker runs on a single process it could result into single point of failure.
So Far we have understood basics for Docker now let’s get some insights for Podman!
Podman:
Podman is an open-source, Linux-native tool designed to develop, manage, and run containers . Presented as a user-friendly container orchestrator developed by Red Hat, Podman is the default container engine in RedHat 8 and CentOS 8.
Also Podman is a daemon-less container engine for developing, managing, and running OCI Containers on your Linux System. Containers can either be run as root or in rootless mode.
Podman is a set of command-line tools designed to handle different tasks of the containerization process, that can work as a modular framework. This set includes following modules:
Podman — pods and container image manager
Buildah — module for container builder
Skopeo — a container image inspection module
runc — container runner and feature builder to podman and buildah
crun — optional runtime that allows greater flexibility, control, and security for rootless containers.
Now there can be another thought about podman like whether it can be used with k8s ?
Yes it can. In fact, Kubernetes and Podman are similar in some ways.
Podman can create container “pods” that work together, a feature resembling the Kubernetes pods. Pods organize separate containers under a common denomination to manage them as single units.
In podman with k8s :
Pod definitions can be exported to a Kubernetes-compatible YAML file which results in developers can share resources, using different containers for the same application inside a pod: a container for the frontend, another for the backend, and a database
Podman is daemon-less
Podman is a unique take on the container engine, as it doesn’t actually depend on a daemon, but instead launches containers and pods as child processes.
Should we use podman?
Podman has unique advantages as a development and management tool that makes it a viable and interesting alternative to Docker in the appropriate context. Or a powerful complement to work side by side with Docker since it supports a Docker-compatible CLI interface.
That’s all for now Happy Learning!
Will come with new Blogs Stay Tuned!
