Secure container management with Podman
Podman helps you manage containers, pods, container images, and container volumes, all without a daemon. If you know how to use Docker, you know how to use Podman! Only a year after its public release, Podman has entered version 1.0. Come see what has been added and what security benefits it can provide.
When I say “containers”, you probably first think of Kubernetes or Docker. How about Podman? Podman is a Linux pod management tool that helps you manage pods, containers, container images, and container volumes. It focuses on ease of use and security.
Can you contain yourself? The latest 1.0 version celebrates new features and bug fixes. This open source tool has come a long way since its public release last year and still has some ground to travel.
Container management made better
First off, Podman doesn’t require a daemon. So say good-bye to daemon dependency and hello to the flexible future of containers. Without daemons, Podman benefits from reduced overhead and added security.
Speaking of security, Podman can run containers as a non-root user. By doing this, you do not have to give users root privileges on the host.
If you are familiar with Docker, you’ll recognize a few similarities between the tools. Podman offers an experience similar to the Docker command line, which makes the transition easy for Docker users. The Podman website even describes the tool as simply: “alias podman=docker”.
Likewise, pods work the same as pods in Kubernetes, so the learning curve is easy to manage, no matter which container tool you are coming from.
This project is maintained via the help of the containers organization. Another of their beloved tools, buildah, facilitates building OCI images. Despite having different specializations, the two projects can easily complement one another when used together. Underneath its hood, Podman uses buildah for image building.
Read more about how to get the most out of these open source tools and use them in tandem.
Welcome to 1.0
Now that you are familiar with what Podman can do, let’s take a look at all the newness added in version 1.0.
First things first, let us say a big congrats to this milestone! We expect to hear Podman mentioned much more often when the conversation turns to containers.
The latest version 1.0 includes:
- The podman play kube command creates pods and containers from the Kubernetes pod YAML
- Rootless containers use postrun cleanup processes
- The podman exec command now includes a
- Parallelized building images for speedier performance
- podman run commands now support the --init flag to use a minimal init process in the container
- Added the podman image sign command to GPG sign images
- The podman run --device flag now accepts directories, and will add any device nodes in the directory to the container
- A new, speedier version of Buildah included
- Dozens of bug fixes
- Beefed up security!
View the full changelog on GitHub for all the new updates and changes.
Join the pod!
- Follow the installation instructions.
- Newcomers should follow the basic setup instructions and intro.
- Refer to the list of Podman commands.
- Having trouble? Consult the list of common issues and their solutions.
As for the future of Podman, the roadmap on GitHub proposes some interesting goals. These include a planned Varlink backend for connecting remote Podman instances, and improved rootless containers.
Does Podman earn your seal of approval? How does it compare to other container management tools?