April 05, 2020
Podman is a new container engine developed by RedHat that doesn’t depend on a daemon, and it works seamlessly with both containers and pods. Podman is a command line tool interacting with libpod. Podman currently runs only on Linux. There is no wrapper for Windows and MacOS, like Docker has. Neither is there a Docker Compose replacement for Podman. Podman as well as Docker are built on top of runC. Instead of using a daemon, Podman is using runC directly.
It is very easy to migrate from Docker to Podman. The Docker commands will be the same for Podman, and Docker images are compatible with Podman. However, Podman stores its containers and images in a different location.
In order to pull an image you execute the command:
podman pull [name of image]
Podman will first check registry.redhat.io for the latest version of the image. If Podman doesn’t find it there, it will move on to docker.io. You can view all downloaded images with the command:
To run a container
podman run [name of image]
To execute a comand inside a running container
podman exec -it [name of container] sh
Docker uses a CLI to communicate with the Docker daemon via a client/server operation. Podman uses a fork/exec model for the container, and the container process is a child of the Podman process. By running Podman and containers as a regular user rather then root, it is not required to grant a user root privileges on the host. With a client/server model like Docker, you must open a socket to a daemon running as root to launch the containers. Podman also allows you to maintain improved security though audit logging.