I am already fairly comfortable using docker and its tool set. Is the tide shifting towards Podman? Should I start learning how to use Podman? Thanks in advance.

  • aksdb@feddit.de
    link
    fedilink
    English
    arrow-up
    19
    ·
    1 year ago

    I use podman for almost everything. Especially since it’s working rootless. BUT I am also clearly swimming against the tide there. Everyone else in the company uses docker and I typically can’t just take their docker-compose setups 1:1 over to podman. First, because they often rely on having root and second, because they use docker specific hacks (like some internal hostname you can use to access the host from within docker). Since I am not a fan of docker-compose anyway, I don’t care that much … I would have built my own setup with docker as well.

    On my server I have a lot less trouble with podman than I had with docker. I run quite a lot of services there, and the docker proxy (and sometime the daemon) always started to act up after a while, causing individual containers to no longer properly receive traffic and me no long being able to control them. With podman all of that just works. And I have systemd managing the container lifetimes instead of some blackbox.

    • RandoCalrandian@kbin.social
      link
      fedilink
      arrow-up
      6
      ·
      edit-2
      1 year ago

      This is why our org enforces Kubernetes and Helm

      Compose is simpler, and has a much easier base use case, but we’ve found it more functional as a dev tool to get the service running before making a full deployment config, rather than as an effective production solution.

      • andruid@lemmy.ml
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        Yeah, compose for simple testing, then use podman convert it to k8s manifests and clean up from there for production, seems like a reasonable devx.

      • aksdb@feddit.de
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        Developing against k8s would kill me. I want my services and debugger running locally and don’t want to deploy shit first. In my current local setup it doesn’t matter if I spin up a service as container (because I just need it doing its thing) or if I spin it up with debugger attached in the IDE because I am developing (or debuging) it. I can fully mix-and-match at nearly every layer of the system.

        Our shared dev, stage and prod systems are also fully k8s. Not with helm though. For our own stuff we have an operator with CRD, so we can easily define our business services without much boilerplate and still be consistent across the teams. The different configs are built using kustomize as part of our CD pipeline.

      • aksdb@feddit.de
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        I want full control over which containers launch when. I also typically have a different requirement in which network a container runs and I want to re-use existing databases instead of spinning up a new one for each service. I want specific container names. And so on.

        In short: I want full control and customization.

        • PlexSheep@feddit.de
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          You can tell which service depends on which in compose, you can create, specify and set networks and add containers to them, you can keep a central database and just add the network of it to your new services, and you can also specify a container name.

          As I see it (and for my compose usage), everything you mentioned works in compose.

          Besides, what is your alternative? Do you just use the docker cli? I personally found that to be way less flexible than compose.

          • aksdb@feddit.de
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            1 year ago

            You can tell which service depends on which in compose, you can create, specify and set networks and add containers to them, you can keep a central database and just add the network of it to your new services, and you can also specify a container name.

            The point is, if I get a compose file, all of that is already wired up with expectations of the maintainer. When I start heavily modifying it, I end up with an unmaintainable mess. So I rather look into what the service(s) actually require and build it for my use case.

            Besides, what is your alternative?

            The CLI, yes. And for my own server Ansible. But the semantics of the ansible module are identical to the CLI. Knowing the CLI by heart gets me much further than knowing docker-compose by heart. (Actually, I would have to look into the manual for docker-compose all the time, while I can simply do podman --help to see what parameters it needs, if I forgot something.)