(codesmash.dev)

1101 points codesmash | 1 comments | 05 Sep 25 11:56 UTC | HN request time: 0.278s | source

Show context

daitangio ◴[06 Sep 25 07:09 UTC] No.45147261[source]▶

I do not know: the lack of proper docker compose support it is a problem for me. About security: gVistor adoption failure in Google is a proof that containerization cannot be enforced easily and container will always be less secure than a VM.

If you want proper security go to firecracker [^1]. Podman is the "RedHat/IBM docker-way" but I see very little benefit overall; never less if it works for you great and go with it!

[^1]: https://firecracker-microvm.github.io

replies(2): >>45147304 #>>45147305 #

1. vrotaru ◴[06 Sep 25 07:22 UTC] No.45147305[source]▶

>>45147261 #

There is a podman-compose which works almost as drop-in replacement.

Almost because most common commands work, but I have not check all.

And almost, because for some docker-compose.yaml which you downloaded/LLM generated you may need to prepend `docker.io/` to the image name

↑

I ditched Docker for Podman