Container management is making a big splash

Secure container management with Podman

Sarah Schlothauer

Podman helps you manage containers, pods, container images, and container volumes, all without a daemon. If you know how to use Docker, you know how to use Podman! Only a year after its public release, Podman has entered version 1.0. Come see what has been added and what security benefits it can provide.

When I say “containers”, you probably first think of Kubernetes or Docker. How about Podman? Podman is a Linux pod management tool that helps you manage pods, containers, container images, and container volumes. It focuses on ease of use and security.

Can you contain yourself? The latest 1.0 version celebrates new features and bug fixes. This open source tool has come a long way since its public release last year and still has some ground to travel.


Container management made better


First off, Podman doesn’t require a daemon. So say good-bye to daemon dependency and hello to the flexible future of containers. Without a daemon, Podman benefits from reduced overhead and added security.

Speaking of security, Podman can run containers as a non-root user. By doing this, you do not have to give users root privileges on the host.
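What running as a non-root user means in practice can be checked from a container's UID map, where each line reads "first ID inside, first ID on the host, range length". The sketch below is an added example, not code from the article or the Podman project; the function names are hypothetical, and the two sample maps (host UID 1000, subordinate range starting at 100000) are constructed values.

```shell
#!/bin/sh
# Added example: resolve a container UID to its host UID from uid_map text.
# uid_map line format: <first id inside ns> <first id on host> <range length>

# host_uid_for CONTAINER_UID UID_MAP_TEXT
# Prints the host UID that CONTAINER_UID maps to, or "unmapped".
host_uid_for() {
    printf '%s\n' "$2" | awk -v uid="$1" '
        NF == 3 && (uid + 0) >= ($1 + 0) && (uid + 0) < ($1 + $3) {
            print $2 + (uid - $1); found = 1; exit
        }
        END { if (!found) print "unmapped" }
    '
}

# container_root_is_host_root UID_MAP_TEXT
# Exit 0 when UID 0 inside the namespace is also UID 0 on the host.
container_root_is_host_root() {
    [ "$(host_uid_for 0 "$1")" = "0" ]
}

# describe_map UID_MAP_TEXT: one-line verdict for a reviewer.
describe_map() {
    if container_root_is_host_root "$1"; then
        echo "container root is host root"
    else
        echo "container root is host uid $(host_uid_for 0 "$1")"
    fi
}

# Constructed samples (not captured from a real system).
# Container started by root: identity mapping over the whole range.
ROOTFUL_MAP='         0          0 4294967295'
# Rootless container started by host UID 1000 with a subordinate UID range.
ROOTLESS_MAP='         0       1000          1
         1     100000      65536'

describe_map "$ROOTFUL_MAP"
describe_map "$ROOTLESS_MAP"
# Inside a running container: describe_map "$(cat /proc/self/uid_map)"
```

In the rootless sample, a process that is root inside the container is only the unprivileged user 1000 on the host, and every other container UID lands in a range no host account uses.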

If you are familiar with Docker, you’ll recognize a few similarities between the tools. Podman offers an experience similar to the Docker command line, which makes the transition easy and familiar for Docker users. The Podman website even describes the tool as simply: “alias podman=docker”.

Likewise, pods work the same as pods in Kubernetes, so the learning curve is easy to manage, no matter which container tool you are coming from.

This project is maintained with the help of the containers organization. Another of their beloved tools, Buildah, facilitates building OCI images. Despite having different specializations, the two projects can easily complement one another when used together. Under the hood, Podman uses Buildah for image building.

Read more about how to get the most out of these open source tools and use them in tandem.

Welcome to 1.0

Now that you are familiar with what Podman can do, let’s take a look at all the newness added in version 1.0.

First things first, let us say a big congrats to this milestone! We expect to hear Podman mentioned much more often when the conversation turns to containers.

The latest version 1.0 includes:

  • The podman play kube command creates pods and containers from the Kubernetes pod YAML
  • Rootless containers use postrun cleanup processes
  • The podman exec command now includes a --workdir option
  • Parallelized building images for speedier performance
  • The podman create and podman run commands now support the --init flag to use a minimal init process in the container
  • Added the podman image sign command to GPG sign images
  • The podman run --device flag now accepts directories, and will add any device nodes in the directory to the container
  • A new, speedier version of Buildah included
  • Dozens of bug fixes
  • Beefed up security!

View the full changelog on GitHub for all the new updates and changes.

Jumping aboard


Join the pod!

As for the future of Podman, the roadmap on GitHub proposes some interesting goals. These include a planned Varlink backend for connecting remote Podman instances, and improved rootless containers.

Does Podman earn your seal of approval? How does it compare to other container management tools?

Author
Sarah Schlothauer
Sarah Schlothauer is an assistant editor for JAXenter.com. She received her Bachelor's degree from Monmouth University and is currently enrolled at Goethe University in Frankfurt, Germany where she is working on her Masters. She lives in Frankfurt with her husband and cat.
