Comment by heavensteeth
3 days ago
I tried Podman on my messing around VPS but quickly reverted to rootless Docker.
The straw that broke the camels back was a bug in `podman compose` that funnily enough was fixed two hours ago[1]; if `service1` has a `depends_on` on `service2`, bringing down `service1` will unconditionally bring down `service2`, even if other services also depend on it. So if two separate services depend on a database, killing one of them will kill the database too.
Another incompatibility with Docker I experienced was raised in 2020 and fixed a few months ago[2]; you couldn't pass URLs to `build:` to automatically pull and build images. The patch for this turned out to be a few lines long.
I'm sure Podman will be great once all of these bugs are ironed out, but for me, it's not quite there yet.
[1]: https://github.com/containers/podman-compose/pull/1283
[2]: https://github.com/containers/podman-compose/issues/127
Podman compose is an attempt to court Docker users by porting over a bad idea. Instead of that, learn how to create "quadlets" and you'll never want to touch docker again. See: https://www.redhat.com/en/blog/quadlet-podman
I recommend starting with .container files instead of .kube, unless you're already familiar with kubernetes.
So for my set of DVR services, quadlets would have me replace a single compose.yml with 6 .container files, and manually create the network, and have to stop and start all of the services individually.
Not sure I'm sold.
Not sure what your compose file looks like, but my container files are tiny, flat, and trivial to maintain.
> manually create the network
There's no way for me to know what your requirements are, but often times if you just need your containers to talk to each other, all you need is an empty file with a unique name. So `touch MyDVRNetwork.network` to create it, and add `Network=MyDVRNetwork` to your containerfiles.
> and have to stop and start all of the services individually.
Nope, container files are essentially already systemd service files. If you add them to the correct folder and set up the dependencies, systemd will automatically start them in the correct order at boot time, restart them if they fail, etc. That's the best part of quadlet IMO. Literally set it and forget it, and the process works the same for rootless containers (you just need to add them to your user folder instead of the system-wide folder)
It gets even more awesome when you combine them with something like Fedora CoreOS and Butane. With a few small text files, you can declaratively generate an OS image with all of your desired services ready to go. It is pure bliss.
5 replies →
Quadlets also support a .kube file. I have a similar use case where I have 6 containers I want to all run on the same network. So have a k8s YAML file that has a pod with the containers, their configuration and path mapping and then a have a `service.kube` file with a '[Kube]' section and a 'Yaml=/path/to/config.yaml' directive. That creates a single service to stop/start with systemd and has all the containers running on the same network in a single pod.
Can you use those quadlets inside a development project? I use docker-compose (with podman) just so i can work on a project that is completely self-contained. No copying files to ~/.config/systemd just run docker-compose to start and stop.
Can i do that with quadlets?
I'm not the best person to ask about this as I don't do much web dev these days, and my experience with podman is mostly limited to deploying existing software. If compose works for that use case, then you should probably stick with it. For actually deploying it somewhere though, you should be using quadlets instead (or kubernetes I guess)
> No copying files to ~/.config/systemd just run docker-compose to start and stop.
Naively, I'd say to create symlinks instead of copying, and run `systemctl daemon-reload`/`systemctl restart ...`. Although there are probably more streamlined web development options out there.
Maybe look into Podman Pods. They're probably closer to what you're looking for, but idk what kind of dev tools exist out there for it. Maybe a few custom shell scripts to run the pod management commands is all you really need?
3 replies →
What I've done is use the "podman kube play" similar to docker-compose when developing ("podman kube play file.yaml", "podman kube play --down file.yaml", "podman kube play --replace file.yaml", etc.) with the "file.yaml" in my working directory. Then when I'm satisfied and want to deploy to production I write a quadlet snippet referencing the kube file and put them under /etc.
Can I use quadlets on my macOS laptop? Or in WSL2?
I was able to follow Dan Walsh's example [0].
I tried with Ubuntu just know and there's a 404 for buildah to install via apt at this exact moment. Here's my working Fedora WSL2 (which I prefer and use daily).
[0] - https://www.redhat.com/en/blog/quadlet-podman
I use rootless podman in socket mode but use the docker CLI (just the CLI, no daemon or service or messing with iptables) as the frontend. Can recommend!
What does the docker CLI give you that the podman CLI doesn't? (Surely you aren't suggesting that `docker compose` works with a podman rootless daemon?)
It certainly does!
For what it's worth, podman has also a thin wrapper around docker compose (podman compose) which can also automatically select `podman-compose`.
Note:
- `podman-compose` is an early attempt at remaking `docker-compose` but for Podman.
- Later Podman wrote a Docker compatible socket instead, which can work with most docker clis that accept a `DOCKER_HOST` argument, including `docker` and `docker-compose` (both v1 and v2)
- `podman compose` is a thin wrapper that automatically selects `docker-compose` or `podman-compose` depending on which is installed.
It works perfectly well. Try it out :)
2 replies →
it does work, yes
> once all of these bugs are ironed out
You just mentioned they are.