I know that Docker and Kubernetes solve the same problem. Most users can simply alias Docker to Podman (alias docker=podman) without any problems.
So what is the difference between them?
2 Answers
Here are some core differences between Docker and Podman:
You can get a lot of articles about Docker vs Podman on the internet.
Podman is more secure and lightweight than Docker. Docker relies on a daemon running in the background of your system. Whenever you access the Docker CLI or API to run and manage containers, you are, in effect, communicating with that daemon. Podman is daemonless! If you execute a command with the Podman CLI, it will execute those commands and run the containers directly on the system. Thus, Podman doesn’t rely on a Single Point of Failure, and, equally important, you can run containers rootless. The Docker daemon runs in the background with root privileges. In effect:
Podman containers run as a non-root user by default
Users can run their own containers, and while doing that, the containers run in a user namespace where they are strictly isolated and not accessible to other users
Containers are daemonless and run on top of the lightweight CRI-O container runtime
Note that rootless containers do not have an IP address, can only bind to a nonprivileged port, and must be the owner of the directory they use for storage.
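The user-namespace isolation mentioned in the answer above can be checked from a container process's `/proc/<pid>/uid_map`; the following is an added example, not part of the original answer, that translates container UIDs to host UIDs. The two sample maps are constructed, assuming a host user with UID 1000 and a subordinate UID range of 100000:65536.

```python
# Added example: resolve container UIDs to host UIDs from uid_map text.
# Each uid_map line is: <first UID inside ns> <first UID outside ns> <length>.
# Both sample maps are constructed; on a real host read /proc/<pid>/uid_map.

# Identity map: the process is not in a separate user namespace, as with a
# container started by a root daemon without user-namespace remapping.
ROOTFUL_MAP = "         0          0 4294967295\n"

# Rootless map (assumed user UID 1000, subuid range 100000:65536).
ROOTLESS_MAP = (
    "         0       1000          1\n"
    "         1     100000      65536\n"
)


def parse_uid_map(text):
    """Return a list of (inside_start, outside_start, length) tuples."""
    entries = []
    for line in text.splitlines():
        if not line.strip():
            continue
        inside, outside, length = (int(field) for field in line.split())
        entries.append((inside, outside, length))
    return entries


def host_uid(entries, container_uid):
    """Host UID for container_uid, or None if that UID is unmapped."""
    for inside, outside, length in entries:
        if inside <= container_uid < inside + length:
            return outside + (container_uid - inside)
    return None


def container_root_is_host_root(entries):
    """True when UID 0 inside the container is UID 0 on the host."""
    return host_uid(entries, 0) == 0


if __name__ == "__main__":
    for name, text in (("rootful", ROOTFUL_MAP), ("rootless", ROOTLESS_MAP)):
        entries = parse_uid_map(text)
        print(f"{name}: container uid 0 -> host uid {host_uid(entries, 0)}, "
              f"uid 33 -> {host_uid(entries, 33)}, "
              f"root on host: {container_root_is_host_root(entries)}")
```

A result of `None` means the UID has no mapping in that namespace, so files owned by it on the host appear inside the container as the overflow user (`nobody`).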