Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

What's wrong with it?


With docker all container have their own ip address and (potential) internal DNS name.

But this can't be done rootless.

So with rootless podman all container map to the same ip address but different ports.

This is for some use cases (e.g. spinning up a DB for integration testing) not a problem at all. For others it is.

More over you can run multiple groups of docker containers in separate networks, you can't do so with rootless podman.

Through you can manage networks with rootfull podman (which still has no deamon and as such works better with e.g. capabilities and the audit sub system then docker does).

Through to get the full docker-compose experience you need to run it as a deamon (through systemd) in which case you can use docker-compose with podman but it has most of the problems docker has.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: