Podman in Linux

1. podman

   1 402 27,586 10.0 Go

   Podman: A tool for managing OCI containers and pods.

   

   > root-less nature of podman

   I see this repeated a lot, but it's not the default, its has to be explicitly configured: https://github.com/containers/podman/blob/v3.3.1/docs/tutori...

   And in addition to the known upsides, there are some lesser known downsides:

   1. There are feature limitations with it: https://github.com/containers/podman/blob/v3.3.1/rootless.md

   2. There are security implications, quoting Arch Wiki:

   > Warning: Rootless Podman relies on the unprivileged user namespace usage (CONFIG_USER_NS_UNPRIVILEGED) which has some serious security implications, see Security#Sandboxing applications for details.

   Also worth noting that Docker itself has a rootless mode as well by now: https://docs.docker.com/engine/security/rootless/

   I'm happy that there are Docker alternatives, but I have the feeling that podman has been hyped a lot recently and many articles and comments give the impression that it's more secure by default and without any downsides.

2. InfluxDB

   www.influxdata.com featured

   InfluxDB – Built for High-Performance Time Series Workloads. InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.

   

3. podman-macos

   2 4 575 1.6 Objective-C

   Discontinued 📦 Podman frontend for macOS

   Good to know about the GUI!

   > ETA: Oh hey here it is: https://github.com/heyvito/podman-macos

   This GUI isn't an official Podman application. It's a third party. Not that it's bad or anything, it's just not official.

4. Moby

   3 239 70,070 10.0 Go

   The Moby Project - a collaborative project for the container ecosystem to assemble container-based systems

   

   I love podman. When you write a file to a volume from a container, the user that spawned the container is the owner. This is exactly what you expect, but with Docker, everything is written as root. After many years, this has not been fixed in docker:

   https://github.com/moby/moby/issues/2259

   This has made it impossible to use docker in scripts where root access is not available. Thank you podman!

5. podman-compose

   4 59 5,573 9.4 Python

   a script to run docker-compose.yml using podman

   

   > For everything else...

   Except for:

     - Docker Compose (because podman-compose has a large amount of open issues https://github.com/containers/podman-compose/issues)

6. Nomad

   5 109 15,610 9.9 Go

   Nomad is an easy-to-use, flexible, and performant workload orchestrator that can deploy a mix of microservice, batch, containerized, and non-containerized applications. Nomad is easy to operate and scale and has native Consul and Vault integrations.

   

   That does seem better! Of course, there are a few lingering issues with support, but overall the trend is good: https://github.com/containers/podman/issues?q=is%3Aissue+is%...

   Of course, there's no Swarm support, as evidenced by that very article:

   > Caveats

   > One known caveat is that Podman has not and will not implement the Swarm function. Therefore, if your Docker Compose instance uses Swarm, it will not work with Podman.

   Feels like people will either be pigeonholed into Kubernetes for all of their deployments, or will have to migrate over to something like Hashicorp Nomad: https://www.nomadproject.io/

   Curiously, it also supports Podman as a task driver: https://www.nomadproject.io/docs/drivers/podman

7. zfs

   6 766 11,348 9.8 C

   OpenZFS on Linux and FreeBSD

   

Suggest a related project