Hi, I’ve been thinking for a few days whether I should learn Docker or Podman. I know that Podman is more FOSS and I like it more in theory, but maybe it’s better to start with docker, for which there is a lot more tutorials. On the other hand, maybe it’s better to straight up learn podman when I don’t know any of the two and not having to change habits later. What do you think? For context, I know how containers works in theory, I know some linux I think well, but I never actually used docker nor podman. In another words: If I want to eventually end up with Podman, is it easier to start with docker and then learn Podman, or start with Podman right away? Thanks in advance

    • @1371113@lemmy.world
      link
      fedilink
      English
      121 year ago

      OP, listen to this person. Docker will earn you cash. Podman is nicer to work with for your own shit.

    • CronyAkatsuki
      link
      fedilink
      English
      1
      edit-2
      11 months ago

      Docker and podman in general work the same, commands are the same, …

      Only biggest difference is that now that I’m trying to migrate from docker to podman is figting over volume binds permissions for databases and such.

      Finished migration of 3 containers, 50+ left.

  • chiisana
    link
    fedilink
    English
    221 year ago

    At the end of the day, you’re running containers and both will get the job done. Go with whatever you want to start, and be open to try the other when you inevitably end up with jobby job that uses the other one instead.

  • @morhp@lemmynsfw.com
    link
    fedilink
    English
    91 year ago

    They’re pretty much the same. Use docker documentation for learning, but actually use podman, because it’s nicer to use (doesn’t require root, easier to install on many Linux distributions).

  • @lal309@lemmy.world
    link
    fedilink
    English
    91 year ago

    Honestly, if you have never used containers before I would suggest starting with docker as it has more readily accessible beginner walk through and tutorials. From there, you will have a good idea as to switching to podman is the right move for you or not.

    Personally, I started with docker and haven’t moved from there since I don’t see a need (yet). I have dozens of services running on docker. I don’t know how heavy of a lift it would be to learn podman but like I said, I don’t feel the need to do so.

    Maybe try out both and see which one you like more?

    • @somethingsomethingidk@lemmy.world
      link
      fedilink
      English
      111 year ago

      Just to offer the other perspective. I started with podman years ago. I knew very little about containers and I would say it made the learbing curve a lot steeper. Most guides and README’s use docker and when things didnt work I had to figure out if it was networking, selinux, rootless, not having the docker daemon, etc… without understanding fully what those things were because I didn’t know docker. But when I started running stuff on kubernetes, it was really easy. Pods in podman are isomorphic to kubernetes pods. I think the pain was worth it, but it was definitely not easy at the time. Documentation, guides, and networking have improved since then, so it may not be as big of a deal now

  • Dandroid
    link
    fedilink
    English
    201 year ago

    As a podman user myself, they’re essentially the same. I look at the docker documentation when learning new things about podman. 99.9% of the time, it’s exactly the same. For the features that aren’t in podman, you can use the podman-docker package. This gets you a daemon so you can have some docker-specific features such as a container being able to start/stop other containers by mounting the socket as a volume, and it allows you to use docker-compose.

  • @Godnroc@lemmy.world
    link
    fedilink
    English
    91 year ago

    I tried out podman at first, but I found many docker instances simply provide a string of crap instead of explanations. It was easy to get a grasp of how docker worked, and now that I have an idea I feel like I could jump into podman better.

  • @redcalcium@lemmy.institute
    link
    fedilink
    English
    171 year ago

    It’s easier to start with docker first simply because of the sheer amount of learning resources available on the internet. If you’re having issues, you can usually find a solution quickly with a search engine.

    That’s being said, there’s not much differences on how to use them these days. You can even run docker compose on podman.

  • @summerof69@lemm.ee
    link
    fedilink
    English
    151 year ago

    You didn’t say what’s your goal. What do you want to achieve? For instance, if you work in IT you should probably learn Docker unless Podman is more relevant in your actual daily tasks.

    • @stepanzak@iusearchlinux.fyiOP
      link
      fedilink
      English
      41 year ago

      My goal is selfhosting stuff mainly on my raspberry pi. I’m sure I’m not going to work in IT for 3 years and probably not for at least few years after that.

      • k_rol
        link
        fedilink
        English
        51 year ago

        Then just go for Docker. Otherwise you may make it unnecessarily difficult for yourself and get discouraged. In a few years you may revisit the question and see if you still have an interest in podman.

  • @prettybunnys@sh.itjust.works
    link
    fedilink
    English
    191 year ago

    Docker is more ubiquitous, Podman has use cases that diverge from Docker.

    Discover the use case and decide from there.

    That said docker is a good starting point, their documentation is pretty great and once you know docker you’ll better appreciate why podman is different.

  • poVoq
    link
    fedilink
    English
    61 year ago

    Doesn’t really matter for basic stuff as it will be the same.

    Once you get into container orchestration the differences start and then you basically need to decide what you want to get out of it.

  • @genie@lemmy.world
    link
    fedilink
    English
    21 year ago

    This is a bit of a Pokemon starter question. Just pick one and see where it takes you! They do roughly the same job, especially now that docker has a rootless mode. At the end of the day you’re learning a new technology and that’s a positive thing.

        • @TCB13@lemmy.world
          link
          fedilink
          English
          -1
          edit-2
          1 year ago

          You’re using LXC… so you may want to learn about Incus/LXD that was made by the same people who made LXC, can work as a full replacement for Proxmox in most scenarios. Here a few reasons:

          • It is bellow the Linux Containers project, open-source;
          • Available on Debian 12’s repositories;
          • Unlike Proxmox, it won’t withhold important fixes on the subscription (payed) repositories;
          • Is way, way lighter;
          • LXC was hacked into Proxmox, they simply removed OpenVZ from their product and added LXC and it won’t even be as compatible and smooth as Incus;
          • Also has a WebUI;

          Why not try it? :)

      • 2xsaiko
        link
        fedilink
        English
        01 year ago

        I use distro packages. In the rare case something isn’t packaged yet, I package it myself. And for the isolation, systemd services can do most of the things docker can if you need (check systemd-analyze security).

        For just hosting services that can be done instead with normal system services, docker makes your setup a lot more complex (especially on the networking side), for little if any gain. Unless I need to spin up something multiple times temporarily on demand or something has a hard dependency on it, I’m not going to bother with it anymore.

        • Victor
          link
          fedilink
          English
          01 year ago

          Not sure why all the down votes without any explanation.

          I too don’t use docker for my services. I run Plex on my Arch install via the provided AUR package. 🤷‍♂️ Nobody told me I needed to do otherwise, with docker or anything else. Not sure why that would be better in any way. It could hardly be more performant? And it’s as simple as enabling the service and forgetting about it.

          • @Nibodhika@lemmy.world
            link
            fedilink
            English
            31 year ago

            Maybe they’re having issues with his answer of “using an OS” which implies other people are not? IDK.

            But as to you if you’re running just one or two services from a machine you also use for other stuff using packages and systems services is perfectly fine. If you have dedicated hardware for it (or plan on having it), it starts to make sense to look at ways of making things easier for yourself in the long run. Docker solves lots of issues no one’s talking about (because no one is facing them anymore), e.g.:

            • Different services requiring different versions of the same library/database/etc
            • Moving your service from one computer to another
            • Service requiring specific steps for updates (this is not entirely gone, but it’s much better and it’s prevents you from breaking your services by doing a random operation like updating your system)
            • Pinning versions of services until you decide to update without needing to sacrifice system updates for it (I know you can pin a version of a package, but if you don’t upgrade it it will break when you upgrade it’s dependencies)
            • Easily map ports or block access in a generic way, no need to discover how each service config file allows that, you can just do it at the container level. e.g. databases that can’t be accessed from the network or even from within the host machine (I mean, they can obviously be accessed from the host system, just not in the traditional way, so a user who gains access to your machine on a user that’s not allowed to use docker can’t)
            • Isolation between services
            • Isolation from host machine
            • Reproducibility of services (i.e. one small docker compose file guarantees a reproducible host of services)
            • Endurance that no service is running as root (even if they only work as root)
            • Spin services in minutes to test stuff up and clean them out thoroughly in seconds.

            There’s probably many more reasons to use docker. Plus once you’ve learned it it’s very easy for small self-hosted stuff so there’s really no reason not to use it. Every time I see someone saying they don’t use docker and don’t understand why people use it I’m a bit baffled, it’s like someone claiming he doesn’t understand why people use knifes to cut bread when the two-handed axe he uses for chopping wood works (like, yes, it does work, but it’s obviously not the best tool for the job)

            • Victor
              link
              fedilink
              English
              11 year ago

              Pretty good points. I especially like the no-root and isolation aspects, as well as the reproducibility aspect.

              But I don’t have enough services to warrant learning docker at a deeper level yet, and they aren’t exposed on the internet yet either. Just local services so far. But all of those points are good to consider. Thanks for replying, friend! 🤝

              • @Nibodhika@lemmy.world
                link
                fedilink
                English
                21 year ago

                Yes I’m aware of that, having written several systemd units for my own services in the past. But you’re not likely to get any of that by default when you just install from the package manager as it’s the discussion here, and most people will just use the default systemd unit provided, and in the vast majority of cases they don’t provide the same level of isolation the default docker compose file does.

                We’re talking about ease of setting things up, anything you can do in docker you can do without, it’s just a matter of how easy it is to get good standards. A similar argument to what you made would be that you can also install multiple versions of databases directly on your OS.

                For example I’m 99% sure the person I replied to has this file for service:

                [Unit]
                Description=Plex Media Server
                After=network.target network-online.target
                
                [Service]
                # In this file, set LANG and LC_ALL to en_US.UTF-8 on non-English systems to avoid mystery crashes.
                EnvironmentFile=/etc/conf.d/plexmediaserver
                ExecStart=/usr/lib/plexmediaserver/Plex\x20Media\x20Server
                SyslogIdentifier=plexmediaserver
                Type=simple
                User=plex
                Group=plex
                Restart=on-failure
                RestartSec=5
                StartLimitInterval=60s
                StartLimitBurst=3
                
                [Install]
                WantedBy=multi-user.target
                

                Some good user isolation, but almost nothing else, and I doubt that someone who argued that installing from the package manager is easier will run systemctl edit on what he just installed to add extra security features.

                • @TCB13@lemmy.world
                  link
                  fedilink
                  English
                  0
                  edit-2
                  1 year ago

                  But you’re not likely to get any of that by default when you just install from the package manager as it’s the discussion here,

                  This is changing… Fedora is planning to enable the various systemd services hardening flags by default and so is Debian.

                  We’re talking about ease of setting things up, anything you can do in docker you can do withou

                  Yes, but at what cost? At the cost of being overly dependent on some cloud service / proprietary solution like DockerHub / Kubernetes? Remember that the alternative is packages from your Linux repository that can be easily mirrored, archived offline and whatnot.

                • Victor
                  link
                  fedilink
                  English
                  11 year ago

                  Can confirm, have this file. Can confirm, will not learn unit files because I don’t know enough to know the provided one is not sufficient, because the wiki has no such mention. You are spot on.

          • @SpaceNoodle@lemmy.world
            link
            fedilink
            English
            -3
            edit-2
            1 year ago

            People love to hate on people who don’t care for containers.

            Also, I’m guessing that nobody here actually knows what it means to run code on bare metal.

            What you’re doing is fine. No need to make life harder for yourself.

            • Victor
              link
              fedilink
              English
              21 year ago

              People love to hate on people who don’t care for containers.

              Maybe so. 😕

              what it means to run code on bare metal

              I’m guessing it means something slightly different than what most people think, namely to just run it in the OS. Would you explain to me what it really means?

              • @ImTryingLemmy@lemmy.world
                link
                fedilink
                English
                01 year ago

                The OS is in between the service and the bare metal. Something like OPNsense can be said to be running on bare metal because the OS and the firewall service are so intertwined. However, something like firewalld isn’t running on the bare metal because it’s just a service of the operating system.

                That’s how I understand it anyway, I’m not a pro

              • @SpaceNoodle@lemmy.world
                link
                fedilink
                English
                21 year ago

                Bare metal would mean without an OS to manage peripherals, resources, even other tasks - like you might find on a resource-constrained embedded system.

  • @shaked_coffee@feddit.it
    link
    fedilink
    English
    61 year ago

    Still haven’t looked into podman properly, but docker is much easier to learn because as you said there’s a lot more material available online. I’d say start with Docker, and if in the future you will find out podman better fits your needs you can always switch (they should not be that different)

  • @BrianTheeBiscuiteer@lemmy.world
    link
    fedilink
    English
    61 year ago

    They’re very similar so you pretty much can’t go wrong. Podman, I believe, is more secure by default (or aims to be) so might run into more roadblocks with its use.

    • Kalcifer
      link
      fedilink
      English
      11 year ago

      so might run into more roadblocks with its use.

      This has been my experience with Podman. That’s not to say that these roablocks aren’t without reason, nor merit, but there is always a trade off of convenience when optimizing for security.