I ditched Docker for Podman

Posted by codesmash 9/5/2025

I ditched Docker for Podman(codesmash.dev)

1123 points | 654 commentspage 5

pitah1 9/5/2025|

I have a tool[1] that solely worked with docker before and was putting off supporting podman for a while because I thought it would take some time. But it turned out to work straight out of the box without tweaking. Essentially frictionless.

[1] Tool for reference: https://github.com/data-catering/insta-infra

vb-8448 9/5/2025||

i'm the only one that wished docker swarm became the standard instead of k8s?

papascrubs 9/5/2025||

Swarm syntax is much better than the YAML sprawl of k8s. That said the underlying engine was pretty buggy and lack of customization for lower level components was a pain. Their whole plugin system was a great idea, but actual plugins developed by vendors ended up being very brittle. That said, yeah I'd prefer that timeline

notpushkin 9/6/2025||

I’m still using Swarm personally and agree 100%.

I’ve dealt with a fair bit of Swarm internals for https://lunni.dev/, and I’m ready to switch to k8s any moment. Don’t wanna lose Compose Spec support though, so I’ve started an IaC thingy that can map it to both k8s and Swarm resources. (Now I need to find some time for it!)

leetrout 9/5/2025|||

Or Nomad...

skor 9/5/2025||

no, wish swarm had a feature or two more, but I'm happy with how simple it is.

vb-8448 9/5/2025||

the sens of my comment was: I would have liked that k8s looks like swarm.

lpln3452 9/13/2025||

Most projects only offer docker compose files and podman compose failed with too many of them contrary to developer claims.

I did not want the hassle of writing new quadlets for every project so I just went back to rootless Docker.

Also I believe the `podman generate systemd` mentioned in the article is now deprecated.

dathinab 9/5/2025||

There can be interesting differences, I'm not sure which of them still apply but some I ran into:

- podman having a more consistent CLI API/more parameters (but I think docker did at least partially catch up)

- user-ns container allow mounting the context instead of copying it, this means that if you somehow end up with a huge build context user-ns build can be _way_ faster then "classical" docker builds (might also apply to rootless docker, idk.). We ran into that when that one person in the team using Mac+Docker asked if we can do something about the unbearable slow docker build times (no one else on the team experienced :/)

- docker implicitly always has the docker Hub as configured as source which resolves "unqualified", this might not be true for your podman default setup so some scripts etc. which should work with both might fail (but it's easy to fix, preferable always qualify your images as there are increasingly more image hosts, in worst add docker hub in the config file).

- "podman compose" supports some less feature, this might seem like a huge issue but compose doesn't seem the best choice for deploying software and if I look how it turned out in dev setups the moment things became larger/more complicated I came to the conclusion that docker/podman compose is one of the easy to start with then get trapped in a high complexity/maintenance cost "bad" corner technologies. But I'm still looking for alternatives.

- podman sometimes missing some resource management features, but also docker sometimes does have differences in how it effectively enforces them not just between version but also with the same version between OSes, this had lead to issues before where docker-rootless kills a container and docker on Mac doesn't because on Mac it didn't notice spikes in resource usage (in that specific case).

varispeed 9/5/2025||

Author lists vulnerabilities of Docker, but it doesn't mean podman is more secure. Maybe it's more obscure so it is not as attractive for hackers as a target.

I tried to use podman, but that was largely a waste of time and I reverted to Docker. I don't have time going through docs to figure out why something that supposed to work is not working.

MorehouseJ09 9/5/2025||

We were using podman at our company, and it was great for a while but we recently migrated to orb.

The UX with orb is just much easier and the small gotchas between docker/podman started to add up. Especially with buildkit issues we had run into and things like using a remote buildkit instance (which we now use), was not supported well enough.

sc68cal 9/5/2025||

I have been running Podman in production for a number of years now, and have been very happy with the results.

Podman pods have been super useful, and the nature of my workload is such that we just run a full pod on every host, so it's actually removed the need for an orchestrator like Kubernetes. I manage everything via Ansible and it has been great.

osigurdson 9/5/2025|

Why not just use Kubernetes?

sc68cal 9/8/2025||

My workload is not dynamic

dingi 9/5/2025||

I use both Podman and Docker pretty regularly, and to be honest I don’t see a huge amount of differentiation or practical value in Podman for my day-to-day. It feels like another OCI runtime with some quirks compared to Docker.

One pain point for me is rootless mode: my Podman containers tend to stop randomly for no obvious reason. I tried the recommended “enable user lingering” fix and it didn’t help. I’ve never run into this with Docker.

I get the theoretical advantages, daemonless architecture, better systemd integration, rootless by default, podman generate kube, etc. But if you’re just using containers for development or straightforward deployments, Docker feels smoother and more reliable. Maybe if you’re in a security-sensitive environment or need tighter system integration Podman shines, but for my use cases I’m still not convinced.

Kon5ole 9/5/2025|

I ditched containers. After a few years it seemed like one of those things that FAANGs use because they need it, while most others are using it just because the FAANGs do.

I'm sure I've spent more time writing and troubleshooting YAML files than I ever did just installing stuff on vm's.

More comments...