Docker is cool, don't get me wrong. They pretty much brought containerization to the masses.
So why the breakup letter? What pushed you over the edge
- 2017: Licensing changes
- Docker hub pricing changes
- Malware hosted on docker
- Price changes 2022
- Docker Desktop pricing
- Rate limit
- Docker free teams being sunsetted (and then saying sorry for bad comms, and then actually saying sorry and no longer doing it)
Sure, most of these above points are about money, but the docker desktop and docker hub ones annoyed me the most
we just need to talk a bit about docker and podman.
Specifically, on mac (which has 32% market share on devs) you can only install docker using the desktop CLI. If you then use it for work, you need to pay.
Of course I am still yet to see Docker Inc take a company to court for not paying for licenses.
So why podman? Why switch?
The real reason I switched was because I broke my docker install so much, that it was easier to switch to a new container runtime thing on my computer, than it was to try fix it.
Having a search about, I came across a blog from Michael Friedrich
One of his suggestions was podman, so I turned away from the spike I was working on (Configuring Hound) and put all the time in to getting podman working on my laptop
The install process
For context, I am using an M1 mac - Which requires some additional configuration.
brew install podman
podman machine init
podman machine start
That's pretty much it.
Podman will hijack your docker config file, so stuff like authentication to google cloud artifact registry and custom registries are just going to work
Something to note is that if you plan to run containers with local volumes, you will need to change your init command to the below
podman machine init --now --cpus=4 --memory=2046 -v $HOME:$HOME
I miss things about docker
This is normal, for the past 10 years you've been typing docker
and docker-compose
Firstly we will take care of docker-compose
as podman has it's own compose tool.
It's called... podman-compose
brew install podman-compose
Aliasing stuff
edit your ~/.zshrc
or ~/.bashrc
file and add the below in
alias "docker"="podman"
alias "docker-compose"="podman-compose"
Then update your source
source ~/.zshrc
Any time you invoke docker
or docker-compose
it will just be podman sitting back there running for you!
Podman Desktop
brew install podman-desktop
What is it actually like to live with?
I have been using podman since the 27th of march, and I have to say I am impressed.
At work, I am the only person using podman, so support is non existant. This also raises a very important factor of adopting podman
If my team uses docker, can I change with no affect to my productivity
The answer: Sort of
The good
- It works with google artifact registry using my docker
config.json
file right off the bat - Docker pulls default to
docker.io/library
so you don't have to change pulling images - Pulling images from other registries is as you expect, un-changed.
The not so good
- Configuration is annoying
- Takes a few extra seconds to spin up a container
- Resources are limited by the VM that runs the containers, so lots of running containers = some are slow
- Skaffold does not work
I am going to elaborate on the bad ones, as this is going to be your deciding factor on if you move or not
Configuration is annoying
Because of the VM that podman runs containers in, you have to SSH in to the machine, and make the changes in nano or vi/vim. This gets quite annoying after about 3 minutes.
Takes a few extra seconds to spin up a container
I have not been able to do a side by side comparison (my docker is borked) but running something like the below, just feels slower.
podman run -it alpine /bin/sh
Resources are limited by the vm
This is self explanatory. It's actually the same on docker, if you have a look on the docker Desktop app, it's there. The only reason I raise it here is because we're manually setting it, so we see it
Skaffold does not work
Skaffold is this super slick tool that allows you to automate so much
The issue I have is that it does not work for building docker images, as it requires either the docker daemon or the docker cli
There is an open issue about this, but I think it works, providing you follow the most recent comment from my self
Wrapping up
- I like podman
- My manager is not sold on it
- Saves the company some dosh
I plan to use podman as much as I can. I can run everything we have at work through podman and it's fine. If I have issues and need to run more complex stuff, I have a local k3s cluster I can use.