What is Podman? - Everything You Need to Know

March 24, 2022

Introduction

As one of the most efficient virtualization methods available, containerization quickly gained traction in the DevOps world. Containerization platforms eliminate virtualization overhead and maximize resource utilization.

For years, Docker has been the most widely used containerization solution. However, the need to diversify the options on the market prompted the creation of other container management tools.

This article will introduce you to Podman, a daemonless container engine developed by Red Hat.

What is Podman?

Podman is a daemonless container engine for running and managing OCI containers on Linux. Although it is a native Linux tool, Podman can also be used on other operating systems:

  • Podman on Windows runs using the Windows Subsystem for Linux.
  • On macOS, Podman utilizes a Linux VM.

Podman vs Docker

Podman was created to be an alternative to Docker. It bears many similarities to the popular containerization tool, but it also differs in some important aspects.

  • Podman is daemonless, unlike Docker, which uses a client-server paradigm. While Docker needs a daemon process to maintain the connection between the client and the server, Podman is a single main process with containers as child processes.
  • Due to its architecture, Docker requires root privileges. Podman is rootless by design.
  • Docker is a monolithic platform that strives to be an all-in-one solution for container management. Podman, on the other hand, focuses on running containers. It utilizes specialized tools for other functionalities - for example, it uses Buildah for building images, and Skopeo for image management and distribution.

Note: For a more detailed comparison between these two tools, read Podman vs Docker: Everything You Need to Know.

Podman Features

While it has many similarities with Docker, Podman's design makes it a unique tool in the containerization field. The following sections list Podman's most important features.

Pods

Pods are groups of containers sharing the same system resources. The pod concept is not unique to Podman - Kubernetes pods are implemented similarly.

Podman pods are created and managed through a command-line interface (CLI), using the podman pod subcommands. For example, to create a pod, run:

podman pod create

List available pods by using the command below:

podman pod list

Each pod in Podman consists of an infra container and regular containers. The purpose of the infra container, which by default runs the k8s.gcr.io/pause image, is to keep the pod alive and maintain the namespaces associated with the pod. Each container has a dedicated container monitor, a service that monitors container processes and logs exit codes if the containers die.

Below is a graphical representation of a typical Podman pod:

A graphical representation of a Podman pod.

Rootless Containers

Podman features rootless containers, i.e., containers that can be created, run, and managed without root privileges. The benefits of rootless containers are:

  • The orchestrator, runtime, or container engine can become compromised. Rootless containers ensure that even in those circumstances, attackers cannot gain root privileges on the host.
  • Multiple unprivileged users can run containers on the same system.
  • Inside a rootless container, code can utilize root privileges without running as the root user of the host system.
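
The last point rests on user-namespace ID mapping: UID 0 inside the container is mapped to an unprivileged UID on the host. As an added example (not part of the original article), the script below translates container UIDs to host UIDs from a map in /proc/<pid>/uid_map format; the host UID 1000 and the subordinate range starting at 100000 are assumed sample values.

```shell
#!/bin/sh
# Added example: translate a container UID to the host UID using a
# user-namespace map in /proc/<pid>/uid_map format, one range per line:
#   <first-id-inside> <first-id-on-host> <length>

# Constructed sample: the kind of map a rootless engine sets up for host
# user 1000 with a subordinate UID range starting at 100000 (assumed values).
ROOTLESS_MAP='0 1000 1
1 100000 65536'

# Constructed sample: identity map, container IDs equal host IDs (rootful).
ROOTFUL_MAP='0 0 4294967295'

# host_uid MAP CONTAINER_UID -> prints the host UID, or "unmapped" when the
# container UID falls outside every range in the map.
host_uid() {
    printf '%s\n' "$1" | awk -v id="$2" '
        id >= $1 && id < $1 + $3 { print $2 + (id - $1); found = 1; exit }
        END { if (!found) print "unmapped" }'
}

# root_is_host_root MAP -> succeeds only if container UID 0 is host UID 0,
# i.e. a container escape as root would land as root on the host.
root_is_host_root() {
    [ "$(host_uid "$1" 0)" = "0" ]
}

# On a live system, replace the samples with the real map, e.g. the output of:
#   podman unshare cat /proc/self/uid_map
for uid in 0 1 33 70000; do
    printf 'container uid %-6s -> host uid %s\n' \
        "$uid" "$(host_uid "$ROOTLESS_MAP" "$uid")"
done
```
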

Image Management

Building images with Podman is performed using the podman build command.

Unlike Docker with its docker build, Podman does not build images itself. Instead, podman build calls another open-source tool called Buildah to perform the building process. Buildah emulates the docker build command and creates an image using a Dockerfile.

Podman features an extensive set of commands for image management. For example, images are pulled from online repositories using the podman pull command.

To list images, use podman image ls.

Systemd Integration

Being a native Linux tool, Podman seamlessly integrates into the Linux environment. The integration with systemd, a Linux program for managing services and dependencies, makes Podman a practical solution for Linux container management.

Podman integrates with systemd in two ways:

  • systemd can run inside a Podman container. This feature makes it much easier to run containers whose packages require systemd for service and dependency management.
  • Podman can run as part of the systemd services. The traditional Linux fork-exec architecture implemented by Podman integrates well with Linux systems and allows Podman to communicate with systemd efficiently.

Commands

The Podman CLI features a set of commands and options that closely mirror Docker commands. For example, the docker ps -a command, used to list all containers, is the same in Podman:

podman ps -a

The list of all Podman commands and options can be found by referring to the help file:

podman help

Advantages and Disadvantages of Using Podman

Since Podman has been created to be a Docker alternative, most of its benefits and drawbacks relate to how it compares to Docker. The sections below list important advantages and disadvantages of Podman.

Advantages

  • The ability to run rootless containers makes Podman more secure than Docker.
  • Pods are a practical container management feature. They make Podman a good entry point into Kubernetes.
  • Similar syntax makes it easy for Docker users to transfer to Podman.

Disadvantages

  • The lack of support for Docker Swarm means Podman users need to seek alternative solutions, such as Nomad.
  • Podman is not an all-in-one solution for container management and requires accompanying tools to achieve full functionality.
  • Given that it is a newer tool, Podman still trails behind Docker in terms of online support.

Conclusion

After reading this article, you should have a better understanding of what Podman is and how it compares to Docker.

The article presented Podman's features and offered insight into the platform's advantages and disadvantages. If you want to learn how to use Podman, check out our Podman tutorial article for beginners.

Marko Aleksic
Marko Aleksić is a Technical Writer at phoenixNAP. His innate curiosity regarding all things IT, combined with over a decade long background in writing, teaching and working in IT-related fields, led him to technical writing, where he has an opportunity to employ his skills and make technology less daunting to everyone.