Mastering Podman: A Docker‑Compatible, Daemon‑Free Container Runtime

This article explains what Podman is, highlights its key architectural differences from Docker, provides Docker‑compatible command references, shows how to install and configure accelerators, demonstrates rootless operation, and covers essential configuration files and volume handling for secure container management on Linux.

Open Source Linux

What is Podman?

Podman is an open‑source container runtime that works on most Linux distributions. It offers Docker‑compatible commands but runs without a daemon and can operate without root privileges.

Key Differences Between Podman and Docker

Docker requires a root‑owned daemon (dockerd) and multiple helper processes (containerd, shim); Podman runs containers directly via OCI runtimes (runC) without a daemon.

Podman’s architecture is simpler and exposes a smaller attack surface because there is no privileged, long‑running daemon that every container operation has to go through.

In Docker the daemon hierarchy is dockerd → containerd → containerd‑shim → runC; Podman uses a single “conmon” process analogous to containerd‑shim.

Podman Commands (Docker‑compatible)

podman run        # create and start a container
podman start      # start a stopped container
podman ps         # list containers
podman stop       # stop a container
podman restart    # restart a container
podman attach     # attach to a running container
podman exec       # execute a command in a container
podman logs       # view container logs
podman rm         # remove a container

Image Management

podman search
podman pull
podman images
podman rmi
podman save
podman load
podman build
# Dockerfile instructions: COPY, ADD, CMD, ENV, EXPOSE

Installation and Acceleration

# Install Podman
yum -y install podman

# Registry accelerator (v7): edit /etc/containers/registries.conf
vim /etc/containers/registries.conf
# File contents:
registries = ["docker.io"]
[[docker.io]]
location="j3m2itm3.mirror.aliyuncs.com"

# Registry accelerator (v8): contents of /etc/containers/registries.conf
unqualified-search-registries = ["docker.io"]
[[registry]]
prefix = "docker.io"
location = "j3m2itm3.mirror.aliyuncs.com"

Running a Container Example

# Pull and run an httpd image
podman run -d --name httpd docker.io/library/httpd
podman ps
podman logs --latest

Rootless Operation and User Configuration

To run Podman without root, install crun (or another OCI runtime) and set runtime = "crun" in /etc/containers/containers.conf. Install slirp4netns and fuse‑overlayfs for rootless networking and storage, and configure /etc/subuid and /etc/subgid for user‑namespace mapping.
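
A check for the /etc/subuid and /etc/subgid step above, as an added example that is not from the original article; the function name check_subid, the 65536 minimum and the sample entries are assumptions made here. It reports a user with no allocation or too small an allocation, and a range that overlaps another user's, since overlapping ranges let two users' containers map to the same host IDs.

```shell
#!/bin/sh
# Added example: audit a subuid/subgid file (format: name:start:count) for one user.
# Exit status: 0 = OK, 1 = no entry or fewer than MIN_IDS IDs,
#              2 = the user's range overlaps another user's range.
MIN_IDS=65536   # assumption: the usual useradd default allocation

check_subid() {   # usage: check_subid FILE USER
    awk -F: -v user="$2" -v min="$MIN_IDS" '
        NF == 3 && $1 !~ /^#/ {
            n++; name[n] = $1; lo[n] = $2 + 0; hi[n] = $2 + $3 - 1
            if ($1 == user) total += $3
        }
        END {
            for (i = 1; i <= n; i++) {
                if (name[i] != user) continue
                for (j = 1; j <= n; j++)
                    if (name[j] != user && lo[i] <= hi[j] && lo[j] <= hi[i]) {
                        printf "overlap: %s %d-%d and %s %d-%d\n",
                               name[i], lo[i], hi[i], name[j], lo[j], hi[j]
                        bad = 1
                    }
            }
            if (bad) exit 2
            if (total + 0 < min + 0) {
                printf "%s: %d subordinate IDs, need %d\n", user, total, min
                exit 1
            }
        }' "$1"
}

# Constructed sample data, not taken from a real host.
sample=$(mktemp)
cat > "$sample" <<'EOF'
alice:100000:65536
bob:165536:65536
carol:200000:65536
dave:300000:1000
EOF
for u in alice bob dave erin; do
    if check_subid "$sample" "$u"; then echo "$u: ok"; else echo "$u: status $?"; fi
done
rm -f "$sample"
```

On a real host, run check_subid /etc/subuid "$USER" and check_subid /etc/subgid "$USER" before the first rootless podman run.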

Configuration Files

The three main configuration files are containers.conf, storage.conf, and registries.conf. They are read in order of precedence: system‑wide files in /etc/containers first, then user‑specific files in $HOME/.config/containers, whose settings take precedence for that user.

Volumes

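When a rootless container runs its process as root, files created inside the mounted host directory appear owned by the host user, because root inside the container maps to the invoking user on the host. Use --userns=keep-id to preserve the UID/GID mapping, so that the invoking user has the same UID/GID inside the container and files retain that user’s ownership.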

Written by

Open Source Linux
