Docker or Podman

  • Which is better for containerization development?

  • Comparison using Windows 11 Home edition (no Hyper-V) both WSLv2 based

Summary

Docker Desktop

  • Upsides
    • polished bundled product, Docker Desktop

    • infrequent updates

    • leading-edge container (docker) technology

    • docker compose for multi-container

    • Command line completions Bash, Zsh

  • Downsides
    • cannot run kubernetes pods

    • kubernetes-style secrets are not supported, docker swarm only

    • kubernetes-style configMaps are not supported, docker swarm only

    • primarily Windows, but available on Linux and MacOS (brew)

    • application slow to start and upgrade

    • releases v4.29, v4.30 have issues, try manually start starting Docker Desktop Service

Podman and Podman Desktop

  • Upsides
    • supports containers and kubernetes manifests (pod, service, deployment)

    • supports kubernetes-style secrets, podman secret

    • supports kubernetes-style configMaps, podman kube play

    • primarily Linux, but well supported on Windows and MacOS (brew)

    • supports importing basic docker compose using podman compose

    • exporting of containers to pod, deployment and service manifests

    • Command line completions Bash, Zsh, Fish, PowerShell

  • Downsides
    • separate products, podman, podman-desktop

    • frequent updates, active community driven development and support

    • podman-compose supported natively on Linux and MacOS, Python script on Windows

    • MacOS podman v5 is only supported on macOS 13 (Ventura) or later

    • MacOS podman v4 download and install dmg from podman releases

    • Windows podman v4 and podman v5 use different a podman-machine version

Installation

Windows 11 Home edition does not support Hyper-V so WSL is used.

WSL

Essentially this requires:

  1. checking the platform is virtualization capable

  2. enabling the additional Windows features

  3. installing WSL 2, typically from the Microsoft Store

Follow cheatsheet WSL - Windows Subsystem for Linux

Docker Desktop

Installing Docker Desktop is very simple follow, Install Docker Desktop on Windows

Note

Docker Desktop terms

Commercial use of Docker Desktop in larger enterprises (more than 250 employees OR more than $10 million USD in annual revenue) requires a paid subscription

$ wsl --list
Windows Subsystem for Linux Distributions:
Ubuntu-22.04 (Default)
docker-desktop-data
docker-desktop
AlmaLinuxOS-9

Podman and Podman Desktop

To be equivalent to Docker Desktop both Podman and Podman Desktop need to be installed

Note

On Windows Podman v5 upgrade requires stopping and deleting the podman-default-machine

$ wsl --list
Windows Subsystem for Linux Distributions:
Ubuntu (Default)
podman-machine-default
AlmaLinuxOS-9

Testing

A modified example from CodeJava, JSP Servlet JDBC MySQL C.R.U.D Example is used the details of which are on GitHub sjfke - tomcat containers

Separate containers are used for:

  • bookstore the tomcat application

  • bookstoredb the MariaDB database

  • adminer the web interface used for database administration

and additionally

  • bookstoredb uses a volume for persistent storage, “jsp_bookstoredata

  • all three containers use a dedicated network, “tomcat-containers_jspnet

The containers are deployed using

Like the CodeJava example, the development uses Eclipse and the Build README details the steps taken to build, test and modernize the Bookstore application.

Typical Docker Session

# Volumes
PS> docker volume create jsp_bookstoredata

# Initial build and deploy
PS> mvn -f .\Bookstore\pom.xml clean package
PS> docker compose -f .\compose.yaml build bookstore
PS> docker compose -f .\compose.yaml up -d
PS> start "http://localhost:8080/Bookstore"

# Develop, build and test (wash repeat) cycle
PS> docker compose -f .\compose.yaml down bookstore
PS> mvn -f .\Bookstore\pom.xml clean package
PS> docker compose -f .\compose.yaml build bookstore
PS> docker compose -f .\compose.yaml up -d bookstore

# Clean-up
PS> docker compose -f .\compose.yaml down
PS> docker volume rm jsp_bookstoredata


# Helpful
PS> docker compose ps --all
PS> docker volume ls
PS> docker network ls
PS> docker image ls --all
PS> docker image ls | select-string bookstore   # get docker-compose 'name' (tomcat-containers-bookstore)
PS> docker image rm tomcat-containers-bookstore # delete specific image
PS> docker image prune                          # remove all 'dangling' images
PS> docker image prune --all                    # remove 'ALL' images

Typical Podman Session

# Volumes, networks and secrets
PS> podman volume create jsp_bookstoredata
PS> podman network create jspnet
PS> podman kube play secrets.yaml (or podman secret create)

# Initial build and deploy
PS> mvn -f .\Bookstore\pom.xml clean package
PS> podman play kube --start --network jspnet .\adminer-pod.yaml
PS> podman play kube --network jspnet .\bookstoredb-pod.yaml        # --start is default
PS> podman play kube --network jspnet .\bookstore-pod.yaml
PS> start "http://localhost:8080/Bookstore"

# Develop, build and test (wash repeat) cycle
PS> podman play kube --down .\bookstore-pod.yaml                    # --network optional
PS> mvn -f .\Bookstore\pom.xml clean package
PS> podman build --tag localhost/bookstore --squash -f .\Dockerfile
PS> podman play kube --network jspnet .\bookstore-pod.yaml

# Clean-up
PS> podman play kube --down .\bookstore-pod.yaml
PS> podman play kube --down .\adminer-pod.yaml
PS> podman play kube --down .\bookstoredb-pod.yaml
PS> podman network rm jspnet
PS> podman volume rm jsp_bookstoredata

# Helpful
PS> podman volume ls
PS> podman network ls
PS> podman secret ls
PS> podman image prune                  # remove all 'dangling' images
PS> podman image rm localhost/bookstore # delete image by name
PS> podman image rm ba3f9f9af813        # delete image by id (alias: podman rmi)

Github tomcat-containers Example

The tomcat-containers Github repository contains all the details of the work done for this review.

In addition to main README, supplementary README’s are used to focus on specific topics

  • BUILD.md - Setup and build within Eclipse, plus corrections to the CodeJava Tutorial

  • CONTAINERS.md - Build and deploy Bookstore container to Quay.IO and dockerhub

  • DOCKER.md - Build and test Bookstore using docker, docker compose

  • ECLIPSE.md - Eclipse setup

  • MARIADB.md - Install MariaDB container

  • MAVEN.md - Installing maven and configuring the version included with Eclipse

  • TOMCAT.md - Setup standalone Tomcat to test Bookstore maven builds

  • PODMAN-KUBE.md - Create and use podman play kube to test Bookstore

  • PODMAN.md - Test Bookstore using podman kube play and podman-compose.py

Recommendation

If you want the latest, greatest, Docker technology, and are happy to work with docker compose for multi-container development and testing, then Docker Desktop is the better choice. However, it lacks Kubernetes-like features, so other technologies are needed to test deployments, such as Kind, minikube, or Red Hat Openshift Local Also note Docker-Desktop may need to be licensed

To work directly with Kubernetes-like features for development, testing and deployment then the combination of Podman and Podman Desktop is the better choice. Commands like podman generate permit creating Kubernetes manifest files from running containers, and podman compose (executable or Python script) allows your existing docker compose files to be used. However, active community development and support means frequent updates may be needed to be latest stable release

On the Windows 11 Home edition laptops used for testing, podman was quicker to start, deploy and at running containers, especially using podman kube play but appeared slower at building when the base container image was not cached locally and had to be pulled.

Updates to Podman and Podman Desktop are much quicker to apply, but with podman in particular need to be done more frequently to be on the latest stable release.

Personally I found podman to be a bit easier to learn and use because the command syntax is slightly more consistent than docker, and Podman Desktop while less polished than Docker-Desktop is more than adequate

Based on this investigation I now prefer to avoid docker compose and to work with Podman and Podman Desktop using podman kube play. This way every phase of development, testing and deployment is using Kubernetes-like features, and podman secret can be used to avoid hard-coding passwords in configuration files, which tend to creep into your Git repositories! 😉

References