Create podman_vs_docker.md

This commit is contained in:
Omar Santos 2022-06-08 10:02:03 -04:00 committed by GitHub
parent 8c112dfe76
commit efdf4407ab
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -0,0 +1,25 @@
# Podman vs Docker
- Docker uses a daemon, an ongoing program running in the background, to create images and run containers.
- Podman has a daemon-less architecture which means it can run containers under the user starting the container.
- Docker has a client-server logic mediated by a daemon; Podman does not need the mediator.
- Podman allows for non-root privileges for containers.
- Rootless containers are considered safer than containers with root privileges
## Podman Rootless?
- Containers in Podman do not have root access by default, adding a natural barrier between root and rootless levels, improving security.
- Still, Podman can run both root and rootless containers.
## What about Systemd?
- Without a daemon, Podman needs another tool to manage services and support running containers in the background.
- Systemd creates control units for existing containers or to generate new ones.
- Systemd can also be integrated with Podman allowing it to run containers with systemd enabled by default, without any modification.
- By using systemd, vendors can install, run, and manage their applications as containers since most are now exclusively packaged and delivered this way.
## Building images
- As a self-sufficient tool, Docker can build container images on its own. 
- Podman requires the assistance of another tool called Buildah, which expresses its specialized nature: it is made for running but not building containers on its own.![image](https://user-images.githubusercontent.com/1690898/172636340-a0963aab-eb27-46d6-ab47-f00c0d9aa680.png)