Docker alternative without daemon
While Docker has undoubtedly revolutionized our approach to development, deployment, and running applications, it's worth exploring the differences with Podman (Pod Manager) and why you might find it interesting to start using it instead of Docker.
Podman is an open-source container and pod manager.
Similar to Docker, it allows you to create, run, stop, and delete OCI containers, as well as manage container images.
It also supports pods within its functionality, meaning you can create and manage pods just like with Kubernetes.
OCI Containers Definition
OCI (Open Container Initiative) is an industry standards organization that maintains a set of specifications to ensure consistent container operation across different platforms.
This means that Podman images/containers are fully compatible with Docker or any other containerization technology that uses an OCI-compatible container runtime.
Most Docker users can simply create a Docker alias for Podman (alias docker=podman) without any issues.
This means that all Docker commands remain the same, except for the docker swarm command.
Podman Architecture
The Podman architecture does not involve daemons.
Daemons are background processes that typically run continuously on the system, waiting for specific events or requests.
For containers, think of the Docker daemon as an intermediary that sits between the user and the container itself.
Using a daemon to manage containers leads to several issues:
- Single point of failure.
- When the daemon crashes, all containers crash.
- Requires root privileges.
Therefore, Docker daemons are prime targets for hackers seeking to gain control over your containers and infiltrate the host system.
Podman addresses these issues by directly interacting with container registries, containers, and image storage without the need for a daemon.
In rootless (non-root) mode, users can create, run, and manage containers without root privileges, which reduces security risk.
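To see what rootless mode changes on the host, the following added example (not code from the Podman project) translates a container UID to a host UID using the kernel's uid_map format and reports what UID 0 inside a container corresponds to outside it. The two sample maps are constructed, and the function names are hypothetical; the rootless sample assumes a user with host UID 1000 and a subordinate UID range starting at 100000.

```shell
#!/bin/sh
# Added example: decide what "root in the container" means on the host.
# Input format is that of /proc/<pid>/uid_map:
#   <first UID inside> <first UID on host> <number of UIDs in range>
# On a real host, `podman unshare cat /proc/self/uid_map` prints the
# map of the invoking user's rootless namespace.

# Constructed sample: no user namespace remapping, as for a container
# started by a daemon running as root.
ROOTFUL_MAP='0 0 4294967295'

# Constructed sample: rootless user with host UID 1000 and a
# subordinate UID range of 65536 IDs starting at 100000.
ROOTLESS_MAP='0 1000 1
1 100000 65536'

# host_uid_for UID_MAP_TEXT CONTAINER_UID
# Prints the host UID for CONTAINER_UID, or "unmapped" if no range
# in the map covers it.
host_uid_for() {
    printf '%s\n' "$1" | awk -v cuid="$2" '
        NF == 3 && cuid >= $1 && cuid < $1 + $3 {
            print $2 + (cuid - $1); found = 1; exit
        }
        END { if (!found) print "unmapped" }'
}

# root_exposure UID_MAP_TEXT
# Classifies what a process running as UID 0 in the container is
# from the host's point of view.
root_exposure() {
    host=$(host_uid_for "$1" 0)
    case "$host" in
        0)        echo "host-root" ;;
        unmapped) echo "unmapped" ;;
        *)        echo "unprivileged:$host" ;;
    esac
}

echo "rootful  container root -> $(root_exposure "$ROOTFUL_MAP")"
echo "rootless container root -> $(root_exposure "$ROOTLESS_MAP")"
echo "rootless container UID 1000 -> host UID $(host_uid_for "$ROOTLESS_MAP" 1000)"
```

With the rootless map, a process that escapes the container as UID 0 holds only the privileges of host UID 1000, while the rootful map leaves it as host root.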
The buildah utility replaces the docker build command as a tool for creating container images.
Similarly, skopeo replaces the docker push command and allows moving container images between registries.
These tools provide efficient and direct interaction with the necessary components, eliminating the need for a separate daemon in the process.
Do you need to rewrite every Dockerfile and docker-compose file to use Podman with existing projects?
Absolutely not. Podman is compatible with Docker syntax for container files (Containerfile).
Additionally, there is a tool called podman-compose as an alternative to docker compose.
podman-compose uses the same syntax, allowing you to define and manage multi-container applications using the same approach or even using existing "docker-compose.yml" files.
Podman also comes with Podman Desktop, offering enhanced features that make it more powerful and straightforward. It is compatible with Docker and Kubernetes, expanding their capabilities and providing easy operation.
Installation guides and Podman documentation can be found on their official website podman.io.