/g/ - Technology




File: pod_vs_dock.jpg (140 KB, 1280x720)
What do you guys use and why?
>>
>>108005373
is there actually any difference?
>>
for me, it's OrbStack
>>
>>108005373
Docker. There's specific docker documentation for most projects I care about, so I prefer that. The entire point of docker is that I don't want to be buried in config issues.
>>
>>108005373
I don't have container mental illness, so neither
>>
>>108005373
Docker because autostarting containers with podman is confusing to me and they are basically identical, so small quirks like this make it not worth switching
>>
>>108006887
fpbp, /thread
>>
>>108006458
Podman doesn't require root.
>>
>>108006887
>>108006900
>t. unemployed
>>
>>108005373
>Podman
We're naming shit after lifestyles now?
>>
>>108006927
I think they just don't use linux, so they don't get it
>>
>>108006933
whales travel in pods anon
>>
File: 1762413120957800.png (469 KB, 1500x1000)
>>108006933
Always have been.
>>108006927
>>108006936
Most guys here just tinker on Arch.
>>
>>108006940
Those are sea otters
>>
>>108006940
>logo is seals
>>
>>108006927
Real developers use a $4 VPS with their software installed onto the OS.
t. principal dev, 30 YoE
>>
>>108005373
I like podman to build programs myself in a pseudo chroot without dirtying my linux install
>>
>>108006978
can I write regular Dockerfiles and docker-compose files and use them with podman?
>>
Pretty much the only reason to use docker is because of Windows Server containers. That's it. Compose is shit and you should have moved on to kubernetes deployment yamls anyway.
>>
>>108007101
Yes. https://docs.podman.io/en/latest/markdown/podman-compose.1.html
>>
File: Dug.png (33 KB, 215x215)
Podman because the logo reminds me of dugtrio.
>>
>>108006975
This works and systemd already provides strong hardening tooling as well. I'd only sink to containers if the software is a mess with no good distribution other than dockerhub. Even then, systemd-podman just works.
>>
>>108006494
This.
>>
>>108007156
very good to know, just uninstalled docker and am going to set up podman now.
>>
>>108005373
Docker on Windows, Podman on Linux
>>
>>108005373
podman when i have the choice but i honestly don't care
mostly it's because fedora comes with it by default
>>
I've never touched either. What is the use case?
>>
>>108005373
Podman ofc
>>
>>108005373
Filezilla
>>
>>108005373
why do jeets look like this
>>
File: 1758833949999794.png (553 KB, 1026x710)
>>108005373
podman because it's compatible enough for shit I do and good autocomplete by default on fedora
>>108006903
add your user to docker group and do
sudo systemctl enable --now docker.socket
for on demand docker daemon activation, as opposed to enabling service and having it run all the time
>>
>>108005373
Podman, because root daemons are a security nightmare and docker keeps proving it.
I honestly wish podman could do without that whole emulated network stack shit but it's not like it's THAT inefficient.
>>
>>108005373
nixos
Moving to a Flake based setup is a smart move for reproducibility. In this approach, we define the container within the nixosConfigurations block.

Since you are using Flakes, you can manage the container as part of your system's output. Below is a structured flake.nix that encapsulates the Postgres container logic.
The Flake Configuration
Nix

{
  description = "NixOS system with an isolated Postgres container";

  inputs = {
    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
  };

  outputs = { self, nixpkgs, ... }: {
    nixosConfigurations.my-host = nixpkgs.lib.nixosSystem {
      system = "x86_64-linux";
      modules = [
        ({ config, pkgs, ... }: {

          # Networking: Enable NAT and Port Forwarding
          networking.nat = {
            enable = true;
            internalInterfaces = ["ve-+"];
            externalInterface = "eth0"; # Update this to your host's NIC
          };

          networking.firewall.allowedTCPPorts = [ 5432 ];
          networking.nat.forwardPorts = [
            {
              sourcePort = 5432;
              proto = "tcp";
              destination = "192.168.100.11:5432";
            }
          ];

          # Define the Container
          containers.db-container = {
            autoStart = true;
            privateNetwork = true;
            hostAddress = "192.168.100.10";
            localAddress = "192.168.100.11";

            config = { config, pkgs, ... }: {
              services.postgresql = {
                enable = true;
                package = pkgs.postgresql_16;
                enableTCPIP = true;
                authentication = pkgs.lib.mkOverride 10 ''
                  local all all trust
                  host all all 192.168.100.0/24 trust
                '';
              };

              networking.firewall.allowedTCPPorts = [ 5432 ];
              system.stateVersion = "24.05";
            };
          };
        })
      ];
    };
  };
}
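
The `authentication` block in the config above uses the `trust` method, which lets any client matching the rule connect as any database user without a credential. The following is an added example, not part of the original post: a small pg_hba.conf auditor that flags such rules. The sample input is constructed (the post's two rules plus two extra lines for contrast), and the function names are this example's own.

```python
import ipaddress

# Constructed sample: the post's two rules, a netmask-form rule, a password rule.
SAMPLE_HBA = """\
# TYPE  DATABASE  USER  ADDRESS            METHOD
local   all       all                      trust
host    all       all   192.168.100.0/24   trust
host    all       all   10.0.0.0 255.0.0.0 trust
host    app       app   192.168.100.10/32  scram-sha-256
"""

NETWORK_TYPES = {"host", "hostssl", "hostnossl", "hostgssenc", "hostnogssenc"}


def parse_hba(text):
    """Yield (type, database, user, address_or_None, method) per rule."""
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if not fields:
            continue  # blank line or comment
        kind, db, user, rest = fields[0], fields[1], fields[2], fields[3:]
        if kind == "local":
            yield kind, db, user, None, rest[0]
            continue
        addr, rest = rest[0], rest[1:]
        # ADDRESS may be CIDR, or an address plus a separate IPv4 netmask field.
        if "/" not in addr and rest[0][0].isdigit():
            addr, rest = f"{addr}/{rest[0]}", rest[1:]
        try:
            addr = ipaddress.ip_network(addr, strict=False)
        except ValueError:
            pass  # hostname, "all", "samehost", "samenet": keep as text
        yield kind, db, user, addr, rest[0]


def trust_findings(text):
    """Return the rules that admit clients without any credential."""
    findings = []
    for kind, db, user, addr, method in parse_hba(text):
        if method != "trust":
            continue
        scope = "unix socket" if addr is None else str(addr)
        severity = "high" if kind in NETWORK_TYPES else "review"
        findings.append((severity, kind, db, user, scope))
    return findings


if __name__ == "__main__":
    for finding in trust_findings(SAMPLE_HBA):
        print(*finding)
```

Replacing `trust` with `scram-sha-256` on the network rule, and `peer` on the local rule, removes both findings.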
>>
File: 1768558390778780.jpg (270 KB, 1832x1994)
>>108008224
>Podman, because root daemons are a security nightmare and docker keeps proving it.
That's why k8s was invented so devs do not get to run everything with sudo and --cap-add cap_all --privileged in prod.
>Jenkins official docs insist on that kind of setup

Docker is a security nightmare of its own kind.
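
A way to find the `--privileged` / `--cap-add` style of deployment mentioned above on a host you run, as an added example that is not part of the original post: it audits the JSON produced by `docker inspect` for privileged mode, broad added capabilities, a mounted Docker socket, and a root container user. The sample JSON and container names are constructed; a rootful Docker daemon is assumed.

```python
import json

# Constructed `docker inspect` output, trimmed to the fields checked below.
SAMPLE_INSPECT = json.loads("""
[
  {"Name": "/ci-runner",
   "Config": {"User": ""},
   "HostConfig": {"Privileged": true, "CapAdd": ["ALL"],
                  "Binds": ["/var/run/docker.sock:/var/run/docker.sock"]}},
  {"Name": "/web",
   "Config": {"User": "1000:1000"},
   "HostConfig": {"Privileged": false, "CapAdd": null,
                  "CapDrop": ["ALL"], "Binds": null}}
]
""")


def audit(containers):
    """Return {container_name: [finding, ...]} for risky runtime settings."""
    report = {}
    for c in containers:
        host = c.get("HostConfig") or {}
        findings = []
        if host.get("Privileged"):
            findings.append("privileged")
        # CapAdd entries may be written with or without the CAP_ prefix.
        caps = {x.upper().removeprefix("CAP_") for x in host.get("CapAdd") or []}
        if "ALL" in caps:
            findings.append("cap-add ALL")
        elif "SYS_ADMIN" in caps:
            findings.append("cap-add SYS_ADMIN")
        for bind in host.get("Binds") or []:
            # Host path is the part before the first colon.
            if bind.split(":", 1)[0].endswith("docker.sock"):
                findings.append("docker socket mounted")
        user = (c.get("Config") or {}).get("User") or ""
        # An empty User means the container process runs as UID 0.
        if user in ("", "0", "root") or user.startswith(("0:", "root:")):
            findings.append("runs as root")
        report[c["Name"].lstrip("/")] = findings
    return report


if __name__ == "__main__":
    for name, findings in audit(SAMPLE_INSPECT).items():
        print(name, findings or "ok")
```

On a live host the input would come from `docker inspect $(docker ps -q)`.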
>>
>>108005373
Docker because I didn't know any better
Changing to podman at some point
>>
>>108005373
>an image with entire OS + Python
>an image with entire OS + MySQL
>an image with entire OS + NodeJS
bloat, I use Nix
>>
>>108008416
I think k8s was invented because for Google, docker run doesn't scale. They need some system to manage a huge server cluster that automatically scales up and down containers and routes in a fair way.

Most companies are too dumb to realize that a few containers running on a single server, managed via systemd will serve their needs more than fine and cause them way less trouble than a fucking k8s cluster that their ops don't understand at all.

>Umm, maybe we'll put a WAF in front of the k8s cluster and then it'll be fully secure?
AAAHHHH
>>
File: images(2).png (6 KB, 512x512)
>>108008449
>nix
Bloat
>>
File: absolutetotaupper.png (22 KB, 524x499)
>>108008449
>entire OS
Literally the "os" part (kernel) is what's being shared. You use minimal userspace.
What should be done is to have an empty container with just the needed files. Tho, that usually does not happen in the wild, because devs are monkeys for a reason.

>>108008474
>Most companies
Idk, I work in an env that's as big as it can get, without being google etc. Still, I insist on docker swarm if there's no need to scale or there's less than 10-20 services.
>>
>>108008449
an alpine docker image is like 3 megabytes tops.
>>
File: 1492758609416352.jpg (189 KB, 1080x925)
>>108008504
>>108008528
Nix is only 2MB
>>
File: 1769743587561.jpg (99 KB, 887x1480)
>>108006940
>whales
>>
>>108006887
i really didn't like containers either until i discovered i can develop inside containers. now i like them.
>>
>>108008528
what about alpine with python? for some reason the moment i put python in, shit gets bloated really fast
>>
>>108005373
Podman cause it's more libre.
>>
>>108005373
systemd-nspawn
>>
>>108008212
>add your user to docker group and do
I didn't say that I cared, I just said that's the main difference.
>>
>>108006458
the fucking state of /g/neets
>>
File: 1767584184908365.jpg (78 KB, 1024x1000)
>>108005373
Virtual machines in my type 1 hypervisor.
>>
Corporate said we can't use docker.
>>
>>108005373
podman because docker is pajeet tier software.


