Top of my list as to why I prefer podman...
no "container root" / "docker group" = "host root" shenanigans
podman doesn't spew garbage and punch holes in my firewall (iptables)
(edit: formatting)
Top of my list as to why I prefer podman...
no "container root" / "docker group" = "host root" shenanigans
podman doesn't spew garbage and punch holes in my firewall (iptables)
(edit: formatting)
> podman doesn't spew garbage and punch holes in my firewall (iptables)
The way Docker silently rewrites iptables rules is just insane. It boggles my mind that someone thought that it would be a good idea, and that it survived a peer review.
It was a major contributor to why I didn't learn more about containers earlier on.