Docker or Podman – on Debian?

So, planning on setting up a new VPS, and move a couple of native services to their Docker versions. But should I give Podman a try (on Debian 12), or should I stick with regular Docker? :nerd_face: :thinking:

Docker is so widely supported in comparison, I doubt I’d ever really consider Podman outside of critical security deployments (very rare)

2 Likes

^ this. Podman would be fine in a homelab test environment but even for a “productional” homelab system I wouldn’t consider it. Docker has been going strong for nearly a decade.

2 Likes

I’m not an expert in Docker but between both, I’ll choose it because of the community and support

Remember that the Docker daemon runs as root. Giving a user permissions to use docker without sudo is like giving that person root permissions (for example you can mount /etc/shadow inside a container and modify your host’s root password).

Podman containers can work in rootless mode. It’s going to give you some headaches, especially if you need to use a bind mount (root inside container is mapped to your host user, but non-root users inside containers are mapped to some wild ids on host - read more here).

In large organizations, where Kubernetes is not a viable option, Podman is often chosen over Docker due to security.

If you already know Docker, you should give Podman a go.

3 Likes
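The UID mapping behind the bind-mount headaches described in the post above, as an added example that is not part of the thread. It assumes rootless Podman's default mapping (no `--userns` or `--uidmap` options); the user name, UID and `/etc/subuid` content are constructed sample values.

```python
# Constructed sample: the invoking user and an /etc/subuid file (not from the thread).
SAMPLE_USER, SAMPLE_UID = "alice", 1000
SAMPLE_SUBUID = """\
# name:start:count
bob:100000:65536
alice:165536:65536
"""

def subuid_ranges(subuid_text, user, uid):
    """Return [(start, count), ...] for entries matching the user name or numeric uid."""
    ranges = []
    for line in subuid_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        name, start, count = line.split(":")
        if name in (user, str(uid)):
            ranges.append((int(start), int(count)))
    return ranges

def build_uid_map(uid, ranges):
    """Build (container_start, host_start, length) triples, laid out like /proc/<pid>/uid_map."""
    mapping = [(0, uid, 1)]          # container root is the unprivileged host user
    next_container = 1
    for start, count in ranges:      # subordinate ranges follow from container uid 1
        mapping.append((next_container, start, count))
        next_container += count
    return mapping

def to_host(mapping, container_uid):
    """Host uid that owns files written by container_uid, or None if unmapped."""
    for c_start, h_start, length in mapping:
        if c_start <= container_uid < c_start + length:
            return h_start + (container_uid - c_start)
    return None

def to_container(mapping, host_uid):
    """Container uid a host-owned file appears as; None means it shows up as the overflow uid (nobody)."""
    for c_start, h_start, length in mapping:
        if h_start <= host_uid < h_start + length:
            return c_start + (host_uid - h_start)
    return None

if __name__ == "__main__":
    m = build_uid_map(SAMPLE_UID, subuid_ranges(SAMPLE_SUBUID, SAMPLE_USER, SAMPLE_UID))
    for cuid in (0, 1, 999):
        print(f"container uid {cuid} -> host uid {to_host(m, cuid)}")
```

A service running as uid 999 inside the container writes bind-mounted files as host uid 166534 here, which is why the host directory's ownership has to be set to the mapped id rather than the id seen inside the container.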

Yes, curiosity made me try Podman, also for the reasons you mention (running unprivileged etc.), and for some things, it seems more polished and nice, but it seems to do much less network stuff automatically, so for this server, where I will fire up something for a while to try out, then shut it down again, I came to the conclusion that Docker would be better.

I just moved a (small) Plex instance from standalone to Docker. Seems to work fine.
(And IIRC, I can just backup the data dir with Plex running, so backup should be easy.)

1 Like

Not all the time. Rootless mode | Docker Docs

1 Like

Yunohost or plain Docker?
Dunno if Yunohost simplifies backup and upgrades somehow …
(Did try Yunohost years ago, but can’t remember why I discontinued the test.)

I personally don’t like anything that abstracts Docker, because Docker is already simple enough, and abstractions tend to introduce complications.

1 Like

I think I agree. Although I’d like the idea of some system automating backups and upgrades, I just installed Yunohost, and I think I already regret – it makes too many (wrong) assumptions on how I want to do SMTP, IMAP, DNS, Let’s Encrypt etc … So, soon going to do a reinstall, I guess :stuck_out_tongue_closed_eyes:

Edit: Huh, I think it also used OpenLDAP for users etc. Quite overkill for what I’m looking for.

So, I remember now … :stuck_out_tongue_winking_eye:

1 Like

wasmcloud :rofl:

Looks like it’s an abstraction over k8s, rather than an alternative to Docker or Podman :stuck_out_tongue:

Podman is a great choice if you want a more secure, daemonless container runtime that integrates well with systemd on Debian 12. It’s rootless by default, reducing attack surfaces, and it has nearly full compatibility with Docker commands (alias docker=podman can often work).

However, Docker still has better ecosystem support, a more mature networking stack, and simpler volume handling, especially if you rely on docker-compose.

If your use case involves running services as systemd units or rootless containers, Podman is worth trying. If you prefer a more plug-and-play experience with a vast number of prebuilt images and tools, Docker is still the safer bet.

3 Likes

I have tried Podman, and it functions just like Docker but under a different name. However, I encountered an issue where containers automatically stopped after a period of inactivity.

1 Like