Great video as always. Good overview of how to use Podman for anyone interested in getting their toes wet. Couple bits of input: 1) Podman isn't exactly a dropin Docker replacement - it works for most things, but doesn't support Docker stacks in swarm mode for instance. Also, Docker can build images without additional tools while Podman requires Buildah to do so. There are other differences as well. As such, it's exactly not a 100% drop-in replacement. 2) Docker containers don't have to run as root - it's up to the image creator to decide how they operate. The container can absolutely switch users and execute commands as non-root if the image creator wants to. Similarly, the Docker daemon can be configured to run without root access. This isn't the default, but it's still possible. 3) You should really avoid using apt to install the docker packages as those are old versions of Docker, and follow the install instructions on the Docker website instead. 4) The -d in your command isn't for daemon mode, but to run a container in detached mode; that is, in the background. You can actually reattach to these containers if you like with the 'podman attach' command. 5) Your tab complete can be fixed by using the full command syntax, e.g. 'podman container stop' then pressing tab. Without passing 'container' to podman as the first arg, the autocomplete behaves weird. I think that's something they may address in the future as the shorthand syntax (without verbosely using 'podman container' every time) is very common and Docker allows it. That said, Podman is still a great alternative in the container landscape and offers some great benefits over Docker if you don't need to run high availability stacks in swarm mode. It's got some room to grow and catch up with Docker, but is looking very promising.

Just to be mentioned here, Docker can be run rootless as well. That kind of installation is not yet well supported across all distros, so you may need to adjust few configs manually. But I'm pretty sure, it becomes a default installation mode very soon.

kubernetes is not a container runtime engine ;) kubernetes is a container orchestration system it uses a container runtime engine like containerd, cri-o under the hood (used to be docker but they removed support for that)

Watching John's videos is a lifestyle.

Rootless networking with podman is a very steep learning curve, and still has bugs around netavark and DNS. Still an awesome tool/initiative on non monolith container stack!

There are special files that enable additional levels of tab completion in the shell for each binary where that works. The docker devs have apparently created those files, while the podman devs haven’t yet.

The video editing was unexpected, but it was a really nice surprise I have to say!

That visual effects are awesome

Nice, thanks John! Shared to a few of my colleagues.

Loved the video editing :-D

I was going to launch my first docker this week…might as well play with podman too.

There is a solution for monitoring podman?

Podman is nice not exact drop in replacement for docker making systemd services for podman is a bit different but onc you do it you can make the service a user service as it doesn't require root to run.

even you can use a wrapper like compose, podman-compose :)

Thank you great video! I am switching to podman on my dev machine and kaniko on my k8s clusters.

interesting video but i feel like docker has also supported rootless mode for a while

I suggest you use ´docker ps -a´ to see stopped containers.;)

Hi John.. . Like the new style in editing... And finally some background music.. Top notch as always..

Podman does not have a swarm mode, when you need to deploy a small cluster. Best regards.

thx. great intro to Podman.

You have a video about your setup, it's super cool! May I ask you to make a video about the books you studied from?

Any thoughts about Pods, the GUI for Podman?

singularity/apptainer is similar to this, but you are user inside the container, too. I guess if you have to be root inside a container that could be nice.

What terminal are you using? This autocompletion preview is pretty cool!

8:00 maybe something to do with bash completion rules

never used docker learning containerization now, i think podman might be the better option?

There are some gotchas accessing volumes in rootless mode. It's still entirely possible but very frustrating at times when you are first unable to mount a directory or a file has permissions changed on startup.

its really awesome to build custom kali vm's with podman. gonna install kali again soon.

Thanks John! portainer is nice but i mostly ignore it and do everything from cli gives me more control, might be time for me to switch to podman makes me nervous having public facing containers running as root.

you had me at demon-less

What about the restart always or until stopped? Can podman restart your containers after a reboot without having a demon service running?

Can you make a video on LXC/LXD any how they compare to docker/podman?

What about if i want to see the interaction with the container? Like the requests and all that stuff 🤔

What happened to rocket?

John doesn't need any creative thumbnail He will manage thumbnails by his face shot

Your autocompletion problem is most probably due to a shell you are using - which doesn't happen to have Podman autocompletion. Should be easy enough to install that on top of your shell (bash / zsh i.e)

But once the user signs out all the podman containers are automatically stopped, I have even tried to create a systemd service but it doesn't work with system services but only works as user service so once I sign out it will be gone, how can I have a container running in background

Is there something similar to docker-compose?

You should be using CRI-O in production.

The biggest anti-security feature of podman and other RedHat tools is the ability to change the default registry to something other than Docker Hub. It creates dependency confusion attacks where they didn't previously exist.

we need podman-compose next

It is NOT a drop in replacement for docker, that’s largely fake news for anything but the most basic usage of docker. Be prepared for things to not work after doing “alias docker=‘podman’”

I think it's possible to run Portainer with Podman.

cool thanks

John is a Saint for this Kind of Stuff. Keep being awesome

Preach!

Podman is better than docker for a lot of situations.

Techno John

It's better than docker

Sorry John, but podman is rubbish from experience in different environments, and not stable at all, and the amount of flags they add are useless. Docker now can run rootless and more stable than podman

i'm a podman

sandman >>> podman

I thought you will explain uid mapping than just said no root, sure "no root"

i didnt understand a word in the first sentence

inside the container u are root. but what is running ur container isnt root.

I don't care about security, I just don't like daemons and don't want to muck up my OS with docker when I just need a container for personal development.

Hi I watched your video's and I want to say your amazing. I'm reaching out to you because somebody hacked my Facebook, Whatsapp, and cashapp and they robbed me. Now they are texting me saying they are gonna kill my mother and my kids. I need your help. I mean really need your help I don't know how to stop this and I can not find out who this is so the cops can do there job. I'm asking I'm just asking can you please help. If not I understand.

I literally don't understand a words he's speaking why am I watching this

Nice

💖💖

Sadly podman is slow af. No thanks. Maybe one day when they can actually build images without it taking ten years

It’s pronounced DEE-mun, not DAY-mun. And as we’re not in the navy, “tack” should really be “minus” (no, not dash, which is - or -).

hahahahaha

First

Check to make sure your shell's rc init file has the completion added. for bash: podman completion -f /etc/bash_completion.d/podman bash. for zsh: podman completion -f “${fpath[1]}/_podman” zsh. Podman can do some pretty cool things with kubernetes deployment or pod definitions via podman play kube my_deployment.yml

Waste of time