Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

It’s literally OCI compatible, integrates with systemd and LSM, and runs rootless by default. Podman is 100000% better designed on the inside with the same interface on the outside.


Rootless networking is still a mess with no IP source propagation and much slower performance. So for most users docker with userNS-remapping is actually a better choice.

Also systemd integration isn't a plus for me, I don't want to deal with SystemD just to have a container start on startup.


I think --network=pasta: helps with source IP preservation.

Regardless that has never bothered me since I'm only using podman or docker for local development...


Hmmm, pasta seems to solve all rootless networking issues...

https://github.com/containers/podman/pull/16141


It’s the lack of fully compatible compose that matters most.


Podman appears to support the compose v2 spec, and the socket API, but still not fully supporting buildkit.

https://www.redhat.com/sysadmin/podman-compose-docker-compos...




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: