To DOCKER or not to PODMAN: THAT IS THE QUESTION

docker or not to podman

In this article, we compare and contrast both container platforms and ultimately decide whether to docker or not to podman.

Table of Contents

Introduction

When deciding which containerization technology to go with, Docker or Podman, one should consider the following:

  • SecuritySince Podman has a daemon-less architecture, which is just a fancy way of saying it can run without requiring root privileges, it is considered a better option from a security standpoint. Systems administrators and engineers are more likely to endorse Podman over Docker because Podman presents a natural barrier to root which in turn, deters attackers. Podman, a Red Hat product, was promoted from its inception as a “security-first” containerization technology as it allows running non-root privileged containers. Unlike Docker, which uses a daemon and until recently, allowed for the running of root privileged containers.
  • Projects & EnvironmentsDepending on your organization and the specifics of projects running Docker under development, it may or may not be a worthwhile endeavor to switch from Docker to Podman. If you’ve already been running Docker in your environment for a while, a switch to Podman may require a bit of a learning curve. In addition, there are differences in the expected outputs of certain commands as we will later review. Having said that, Docker and Podman share similar features so the question shouldn’t be to Docker or not to Docker. Or, to Podman or not to Podman but rather–what technology is the better fit for my project?

Differences: Docker and Podman

We’ve already reviewed the differences (security-wise) in both technologies with regards to running root and non-root privileged containers. However, both technologies are improving all the time to remain competitive in the market. For example, Docker recently implemented rootless mode to its configuration and Podman can run both root and non-root containers. Nevertheless, there are still stark differences between the two containerization technologies.
 
The table (below) highlights some of those differences:
Features Docker Podman
All-in-one vs ModularAll-in-one applies to Docker as it is a powerful and independent tool that can stand on its own and manage containerization tasks from the start to the end of an entire cycle.Podman would be considered modular as it requires the assistance of other specialized tools to complete certain tasks. For example, since Podman is daemon-less, it requires systemd to be enabled in order to manage services and support running containers in the background.  
Build vs. RunDocker is self-sufficient and was designed for building as well as running images on its own.Podman was designed more so for running images rather than building them. However, it can build images with the aid of a specialized tool called buildah.
Container Orchestration ToolsDocker Swarm is a popular container orchestration tools which allows users to manager multiple containers deployed across multiple hosts.Until recently, Podman did not support Docker Swarm. This was one main reason some projects decided against it. Even though, Podman added support for Docker Compose which by extension enables Docker Swarm compliance, it doesn’t work as well naturally as Docker does.
 

Docker Installation on RHEL7 or CentOS7

Depending on your environment, you may want to first ensure that you don’t already have a Docker version running before installing a new one. Issue the following command to remove any previous versions of Docker from your machine (below):

				
					$ sudo yum -y remove docker*
				
			

Installing Docker on Red Hat or CentOS is a simple as issuing the yum command (below) :

				
					$ sudo yum -y  install docker
				
			

Docker community edition (CE)

To install the latest Docker Community Edition, issue the following command (below): Beginning with the yum-utils package.

				
					$ sudo yum -y install yum-utils
				
			

Next, using the yum-config-manager command, download the latest Docker-CE Repository.

				
					$ sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
				
			

The following command (below) will install the latest docker-ce along with all of its dependencies.

				
					$ sudo yum -y install docker-ce
				
			

Managing the Docker Service

To start, stop, or restart docker, run the following commands:
				
					$ sudo systemctl start docker
$ sudo systemctl stop docker
$ sudo systemctl restart docker
				
			

To enable Docker so that it autostarts upon reboot, run the following command:

				
					$ sudo systemctl enable docker
				
			

To check the status of the running Docker service:

				
					$ sudo systemctl status docker
[sudo] password for admin:
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Active: active (running) since Fri 2022-01-14 17:10:34 EST; 1 weeks 3 days ago
Docs: https://docs.docker.com
Main PID: 25332 (dockerd)
Tasks: 83
Memory: 479.6M
CGroup: /system.slice/docker.service
				
			

Install Podman on RHEL7 or CentOS7

Just like the Docker Installation, you can install Podman on Red Hat or CentOS by running the following yum command (below):

				
					$ sudo yum -y install podman
				
			

Verifying the Podman Service

After completing the installation, you can verify that podman is running on your system by running the following command:

Pull down an image for testing purposes:

				
					$ podman pull centos
Trying to pull docker.io/library/centos...
Getting image source signatures
Copying config 5d0da3dc97 done
Writing manifest to image destination
Storing signatures
5d0da3dc976460b72c77d94c8a1ad043720b0416bfc16c52c45d4847e53fadb6

$ podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/library/centos latest 5d0da3dc9764 4 months ago 239 MB
				
			

Conclusion

We reviewed the differences between Docker and Podman while highlighting a central point. It is not about which containerization technology is better but what project goals you’re looking to accomplish.

Was this article helpful to you? If so, leave us a comment below and share!

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *