(www.redhat.com)

272 points twelvenmonkeys | 1 comments | 14 Nov 24 17:59 UTC | HN request time: 0.199s | source

Show context

kuratkull ◴[14 Nov 24 19:28 UTC] No.42140145[source]▶

Podman actually works really well. Out-of-the-box virtually-no-configuration-needed rootless containers. It's also usable via docker-compose with a single env variable. (podman-compose wasn't up to par for us)

We've been using it for a couple of years running and managing hundreds of containers per server - no feeling of flakiness whatsoever. It's virtually zeroconf and even supports GPUs for those who need it. It's like docker but better, IMO.

Hope it gets a popularity boost from CNCF. Rooting for it.

replies(14): >>42140324 #>>42140486 #>>42140492 #>>42140544 #>>42140660 #>>42140768 #>>42141042 #>>42141174 #>>42141341 #>>42142569 #>>42142974 #>>42150237 #>>42151540 #>>42155624 #

bombela ◴[14 Nov 24 19:57 UTC] No.42140486[source]▶

>>42140145 #

The IO through fuse-overlay is performance limiting though. It's almost half the speed as overlay directly for layers with many tiny files.

Note that Linux allows you to mount overlay within a user namespace if you are root within the user namespace.

In other words, if you are root within a container; even though it is not root on the host; Linux accepte ton mount overlay filesystems (most filesystems are not allowed). `man user_namespace`

replies(1): >>42141117 #

1. nolist_policy ◴[14 Nov 24 20:56 UTC] No.42141117[source]▶

>>42140486 #

You may need to do

  podman system reset

The Linux kernel only gained unprivileged overlay recently. Kernel fuse and fuse-overlay are incompatible so you need to wipe everything.

You may need to set

  [storage]
  
  driver = "overlay"

in storage conf as well.

https://docs.podman.io/en/stable/markdown/podman-system-rese...

↑

Red Hat to contribute container tech (Podman, bootc, ComposeFS...) to CNCF