Podman is an excellent container engine that’s daemonless, rootless, and compatible with Docker.

Plus, Podman fully supports Dockerfiles without any changes.

You can use the exact same Dockerfile syntax with Podman that you would use with Docker.

Here’s how to get started:

Installation

First, you’ll need to install Podman:

Linux

# Fedora/RHEL/CentOS
sudo dnf install podman

# Ubuntu/Debian
sudo apt-get update
sudo apt-get install podman

# Arch Linux
sudo pacman -S podman

macOS

brew install podman

Windows

Install Podman Desktop from the official website or use:

winget install -e --id RedHat.Podman-Desktop

Basic Commands

After installation, verify it’s working:

podman --version

Here are some essential commands to get started:

Pull an image

podman pull docker.io/library/alpine

Run a container

podman run -it alpine sh

List containers

podman ps         # Running containers
podman ps -a      # All containers

List images

podman images

Remove containers and images

podman rm <container-id>
podman rmi <image-id>

Docker Compatibility

Podman is designed to be a drop-in replacement for Docker. You can even create an alias:

alias docker=podman

Running Containers Rootless

One of Podman’s key advantages is rootless container operation:

# No need for sudo
podman run -it alpine sh

Why / where is Podman better than docker?

Podman offers several distinct advantages over Docker:

Security Advantages

1. Daemonless Architecture: Podman doesn’t require a background daemon running with root privileges, eliminating this security risk.
2. Rootless Containers: Podman runs containers without requiring root permissions, which significantly reduces security risks. Users can run containers as themselves.
3. Pod Support: Podman natively supports Kubernetes-style pods, making it easier to test and develop Kubernetes applications locally.

Technical Advantages

1. Compatible API: Podman implements the Docker API, making migration simple (typically just alias docker=podman).
2. Systemd Integration: Better integration with systemd for managing container lifecycles.
3. OCI Compliance: Fully compliant with Open Container Initiative standards.
4. Fork/Exec Model: Uses a fork/exec model instead of client/server, which can be more reliable in some environments.

Practical Advantages

1. No Licensing Concerns: Podman is fully open source with no commercial restrictions or licensing issues.
2. Red Hat Support: Strong backing from Red Hat gives stability for enterprise environments.
3. Less Resource Intensive: No always-running daemon means lower resource usage when not actively using containers.
4. Built-in Container Generation: Tools like podman generate systemd create systemd units for containers.

Docker still has advantages in some areas like wider community adoption and more extensive documentation, but Podman continues to gain traction, especially in enterprise environments concerned with security and standardization.

So this saves doing the “detached”?

Yes, exactly! Using podman generate systemd actually solves the detached container problem in a more elegant and robust way.

Instead of just running containers in detached mode (which still requires manual restart if your system reboots), the systemd integration lets you:

1. Create persistent containers that automatically start on boot
2. Manage container lifecycles through the standard systemd tools
3. Get proper dependency management, restart policies, and logging

Here’s how to use it:

# Create a container first (but don't need to run it yet)
podman create --name my-webserver -p 8080:80 nginx

# Generate a systemd unit file
podman generate systemd --name my-webserver --files

# Move the file to your systemd user directory
mkdir -p ~/.config/systemd/user/
mv container-my-webserver.service ~/.config/systemd/user/

# Enable and start the service
systemctl --user enable container-my-webserver.service
systemctl --user start container-my-webserver.service

Now your container will:

• Run in the background
• Automatically restart if it crashes
• Start when your system boots
• Be controllable via standard systemd commands

This is far superior to just using -d because it properly integrates with your system’s service management. It’s one of the strongest advantages Podman has over Docker for production environments.