mirror of
https://github.com/The-Art-of-Hacking/h4cker
synced 2024-11-24 20:03:02 +00:00
Create podman_vs_docker.md
This commit is contained in:
parent
8c112dfe76
commit
efdf4407ab
1 changed files with 25 additions and 0 deletions
25
docker-and-k8s-security/podman_vs_docker.md
Normal file
25
docker-and-k8s-security/podman_vs_docker.md
Normal file
|
@ -0,0 +1,25 @@
|
|||
# Podman vs Docker
|
||||
|
||||
- Docker uses a daemon, an ongoing program running in the background, to create images and run containers.
|
||||
- Podman has a daemon-less architecture which means it can run containers under the user starting the container.
|
||||
- Docker has a client-server logic mediated by a daemon; Podman does not need the mediator.
|
||||
- Podman allows for non-root privileges for containers.
|
||||
- Rootless containers are considered safer than containers with root privileges
|
||||
|
||||
## Podman Rootless?
|
||||
|
||||
- Containers in Podman do not have root access by default, adding a natural barrier between root and rootless levels, improving security.
|
||||
- Still, Podman can run both root and rootless containers.
|
||||
|
||||
## What about Systemd?
|
||||
- Without a daemon, Podman needs another tool to manage services and support running containers in the background.
|
||||
- Systemd creates control units for existing containers or to generate new ones.
|
||||
- Systemd can also be integrated with Podman allowing it to run containers with systemd enabled by default, without any modification.
|
||||
- By using systemd, vendors can install, run, and manage their applications as containers since most are now exclusively packaged and delivered this way.
|
||||
|
||||
## Building images
|
||||
- As a self-sufficient tool, Docker can build container images on its own.
|
||||
- Podman requires the assistance of another tool called Buildah, which expresses its specialized nature: it is made for running but not building containers on its own.![image](https://user-images.githubusercontent.com/1690898/172636340-a0963aab-eb27-46d6-ab47-f00c0d9aa680.png)
|
||||
|
||||
|
||||
|
Loading…
Reference in a new issue