>corp doesn't want to pay for docker
>everything is docker only
very cool, thank you baseddevs

>>108835704
Podman is free. Use Kubernetes if you want job security.

>>108835655
>>108835704
>>108835710
I use podman to run a Caldav sync locally.

>>108835710
>Use Kubernetes if you want job security.
Job security in... dead-on-arrival startups?

>>108835734
sorry to burst your bubble neetbro but Kubernetes has long surpassed that status
it's quite literally everywhere and not going anywhere
I work for a hyper-regulated dinosaur of a company and it's all Kubernetes nowadays, we have Kubernetes jobs interacting with ancient Solaris servers :P

>>108835849
>we have Kubernetes jobs interacting with ancient Solaris servers :P
Oh, boy. I bet it's fun every time you have to touch that. Especially if there's only one guy who knows how the whole thing works. This is the real job security of Kubernetes.

>>108835655
Podman is great

>>108835725
>>108837997
>Podman
why is every developer on podman from red hat?
check the people on the github https://github.com/containers/

>>108838028
Because it's basically Docker without the baggage.

>>108838048
>without the baggage
???

File: 1777944562042522.png (391 KB, 720x540)

391 KB PNG

>>108835655
Since anons itt seem to know a thing or two, is there any convenient way to self-host on Windows? I know Apache is a thing, but I mean something like Docker, except without having to go through a VM.

>>108838072
No daemon or network/firewall fuckery. Runs completely in user-mode rootless (not experimental like Docker) but can also run as a system user too.

>>108835655
actually filtered lmao, docker is extremely good and offers a very practical way to keep your server working well with minimal upkeep or effort

>>108838212
>not experimental like Docker
I have checked it in the docker app here and it doesn't say experimental

>>108838212
>>108838242
and the docs don't say anything about experimental too, maybe your info is outdated?
https://docs.docker.com/engine/security/rootless/

>>108838257
>>108838242
Maybe they stopped calling it experimental. It's not as mature as Podman though.

>>108838261
Also:
https://docs.docker.com/engine/security/rootless/troubleshoot/#known-limitations

>>108838191
Docker Desktop on windows runs in microsoft's VM implicitly afaik.
If your machine is isolated enough, you can host whatever you want with docker on windows, it does not matter. If not, you should harden the windows machine, at least use firewal in whitelist mode.

>>108838261
>>108838272
podman sounds nice but I don't know what benefits I have from it when my projects use docker, docker-compose which I can use in podman too, this means I have to download the docker stuff for podman when I can just use docker itself.

>>108838316
Yeah, it's a chore to migrate. My laptop uses Podman because it's a fresh install but all my other machines still use Docker.

This is despite the fact that Nftables shits itself with Docker every time I reload the firewall I deal with that simply because it's still less annoying than migrating to Podman.

>inexplicably runs everything as root with the option to escalate privileges by default
Why is it like this?

>>108838326
It does drop privileges by default, you need the --privileged flag to have actual super user powers.

>>108837997
Is rootless podman still incredibly annoying to set up?

>>108838363
No, on Linux there are 0 setup steps required

>>108838374
you're saying this is irrelevant now?
https://github.com/containers/podman/blob/main/docs/tutorials/rootless_tutorial.md

>>108838379
It's been a while since I had to set up Podman from scratch but I don't remember having to mess with /etc/sub{u,g}id nor installing pasta separately (Gentoo). I do remember having to

chown root:cgroup /sys/fs/cgroup
chmod 775 /sys/fs/cgroup
chown root:cgroup /sys/fs/cgroup/cgroup.{procs,subtree_control,threads}
chmod 664 /sys/fs/cgroup/cgroup.{procs,subtree_control,threads}

though but only because I'm not running a non-systemd distro

>>108835704
wdym?

docker is free

>>108838028
Because it's a redhat project?

>>108838363
Idk, i just use the rootless podman service in Guix, copy paste from the manual.