When I say “containers”, you probably first think of Kubernetes or Docker. How about Podman? Podman is a Linux pod management tool that helps you manage pods, containers, container images, and container volumes. It focuses on ease of use and security.
Can you contain yourself? The latest 1.0 version celebrates new features and bug fixes. This open source tool has come a long way since its public release last year and still has some ground to travel.
Container management made better
First off, Podman doesn’t require a daemon. So say good-bye to daemon dependency and hello to the flexible future of containers. Without daemons, Podman benefits from reduced overhead and added security.
Speaking of security, Podman can run containers as a non-root user. By doing this, you do not have to give users root privileges on the host.
If you are familiar with Docker, you’ll recognize a few similarities between the tools. Podman offers an experience similar to the Docker command line, which makes the transition easy and familiar for Docker users. The Podman website even describes the tool as simply: “alias docker=podman”.
Likewise, pods work the same as pods in Kubernetes, so the learning curve is easy to manage, no matter which container tool you are coming from.
This project is maintained with the help of the containers organization. Another of their beloved tools, Buildah, facilitates building OCI images. Despite having different specializations, the two projects complement one another when used together. Under the hood, Podman uses Buildah for image building.
Read more about how to get the most out of these open source tools and use them in tandem.
(Cuteness alert: We also must mention the adorable logo. Is it cuter than the Docker whale? I could never choose.)
Welcome to 1.0
Now that you are familiar with what Podman can do, let’s take a look at all the newness added in version 1.0.
First things first, let us say a big congrats to this milestone! We expect to hear Podman mentioned much more often when the conversation turns to containers.
The latest version 1.0 includes:
- The podman play kube command creates pods and containers from the Kubernetes pod YAML
- Rootless containers use postrun cleanup processes
- The podman exec command now includes a --workdir option
- Parallelized building images for speedier performance
- The podman create and podman run commands now support the --init flag to use a minimal init process in the container
- Added the podman image sign command to GPG sign images
- The podman run --device flag now accepts directories, and will add any device nodes in the directory to the container
- A new, speedier version of Buildah included
- Dozens of bug fixes
- Beefed up security!
View the full changelog on GitHub for all the new updates and changes.
Jumping aboard
Join the pod!
- Follow the installation instructions.
- Newcomers should follow the basic setup instructions and intro.
- Refer to the list of Podman commands.
- Having trouble? Consult the list of common issues and their solutions.
As for the future of Podman, the roadmap on GitHub proposes some interesting goals. These include a planned Varlink backend for connecting remote Podman instances, and improved rootless containers.
Does Podman earn your seal of approval? How does it compare to other container management tools?
The post Secure container management with Podman appeared first on JAXenter.