
From Docker Desktop to Podman
After years of using Docker Desktop for my containerization needs, I recently made the switch to Podman and I couldn't be happier with the decision. If you've been experiencing Docker Desktop's sluggish performance or are curious about more secure alternatives, this migration guide might be exactly what you're looking for.
Why I Left Docker Desktop Behind
I've been using Docker for years, and it's been an essential part of my development workflow. However, Docker Desktop on macOS has always felt... heavy. The constant background processes, the occasional memory spikes, and the general sluggishness during startup became increasingly frustrating, especially when working on resource-intensive Python projects.
It was time to look for alternatives.
Enter Podman: Security and Performance Combined
Podman emerged as the clear winner in my evaluation. What drew me in initially was its reputation for being more secure than Docker, but what kept me was its impressive performance and compatibility.
Security Advantages
One of Podman's biggest advantages over Docker is its rootless architecture. Unlike Docker, which requires a daemon running with root privileges, Podman runs containers as a regular user process. This means:
- No privileged daemon: Podman doesn't need a background daemon running with root access
- User namespaces: Containers run in user namespaces, providing better isolation
- Reduced attack surface: Without a central daemon, there's less risk of privilege escalation attacks
This rootless approach significantly reduces the security risks associated with the container runtime, making it particularly appealing for development environments where security is a concern.
Installation: Surprisingly Simple
The installation process on macOS was refreshingly straightforward. Gone are the days of downloading large installers and dealing with Docker Desktop's overhead.
# Install Podman
brew install podman
# Install podman-compose for docker-compose compatibility
brew install podman-compose
# Create an alias to make the transition seamless
echo 'alias docker=podman' >> ~/.zshrc
source ~/.zshrc
That's it. Three commands, and you're ready to go. The alias ensures that your existing muscle memory and scripts continue to work without modification.
Getting Started: Just Two Commands
Setting up your first Podman machine is equally simple:
# Initialize a new Podman machine
podman machine init
# Start the machine
podman machine start
The machine initialization sets up a lightweight Linux VM that handles container operations. Unlike Docker Desktop's resource-heavy approach, Podman's VM is lean and starts up quickly.
The Migration: Easier Than Expected
Here's where Podman truly shines—the migration was virtually seamless. Thanks to Podman's Docker-compatible CLI, I could continue using all my existing commands without modification:
# These commands work identically
podman run -it python:3.11 bash
podman build -t my-app .
podman ps
podman images
The compatibility extends beyond basic commands. Even complex Docker commands with multiple flags and volume mounts worked without any changes. My existing shell scripts and automation tools continued to function as if nothing had changed.
Starting Podman on boot
If you're using Podman on macOS, you've probably noticed that your Podman machine doesn't start automatically when you boot your system. This means you have to manually run podman machine start every time you restart your Mac, which can be frustrating when you're trying to get work done quickly.
The launchd system is macOS's built-in service management framework. We'll create a launch agent that automatically starts your Podman machine when you log in.
First, locate your Podman binary:
which podman
This will typically return /opt/homebrew/bin/podman if you installed via Homebrew.
Next up is making sure you have the Launch Agent directory present on your system:
mkdir -p ~/Library/LaunchAgents
Create a new file for the launch agent:
nano ~/Library/LaunchAgents/com.podman.machine.plist
In this file you add the following XML configuration:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.podman.machine</string>
<key>ProgramArguments</key>
<array>
<string>/opt/homebrew/bin/podman</string>
<string>machine</string>
<string>start</string>
<string>podman-machine-default</string>
</array>
<key>RunAtLoad</key>
<true/>
<key>KeepAlive</key>
<false/>
<key>StandardErrorPath</key>
<string>/tmp/podman-machine.err</string>
<key>StandardOutPath</key>
<string>/tmp/podman-machine.out</string>
</dict>
</plist>
Important: Make sure to update the path in <string>/opt/homebrew/bin/podman</string> to match the output from your which podman command if it's different.
Finally we launch the agent and make sure it's enabled to start at login:
# Launch agent
launchctl load ~/Library/LaunchAgents/com.podman.machine.plist
# Enable at login
launchctl enable gui/$(id -u)/com.podman.machine
# You can test this manually
launchctl start com.podman.machine
# Verify that the Podman machine is running
podman machine list
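Because launchd runs this agent at every login, it is worth checking what it executes and where it writes before loading it. The script below is an added example, not part of the original post: it parses an agent plist and flags a non-absolute program path, a program or plist that other users can write to, and log files placed in a shared temp directory such as the /tmp paths used above. The names audit_job, audit_plist and SAMPLE_JOB are this example's own.

```python
import os
import plistlib
import stat

# Constructed sample: program and log paths as in the agent from this post.
SAMPLE_JOB = {
    "ProgramArguments": ["/opt/homebrew/bin/podman", "machine", "start",
                         "podman-machine-default"],
    "StandardErrorPath": "/tmp/podman-machine.err",
    "StandardOutPath": "/tmp/podman-machine.out",
}
SHARED_TMP = ("/tmp", "/private/tmp", "/var/tmp")


def others_can_write(path):
    """True if path exists and is group- or world-writable."""
    try:
        return bool(os.stat(path).st_mode & (stat.S_IWGRP | stat.S_IWOTH))
    except FileNotFoundError:
        return False


def audit_job(job):
    """Return findings for a parsed launchd job dict (empty list means clean)."""
    findings = []
    program = job.get("Program") or (job.get("ProgramArguments") or [""])[0]
    if not os.path.isabs(program):
        findings.append(f"program path is not absolute: {program!r}")
    elif others_can_write(program) or others_can_write(os.path.dirname(program)):
        findings.append(f"program or its directory is group/world-writable: {program}")
    # Fixed names in a shared temp dir can be pre-created or symlinked by others.
    for key in ("StandardOutPath", "StandardErrorPath"):
        if os.path.dirname(job.get(key, "")) in SHARED_TMP:
            findings.append(f"{key} is in a shared temp directory: {job[key]}")
    return findings


def audit_plist(path):
    """Audit a plist file on disk: its own permissions plus its contents."""
    with open(path, "rb") as fh:
        findings = audit_job(plistlib.load(fh))
    if others_can_write(path):
        findings.insert(0, f"plist is group/world-writable: {path}")
    return findings


if __name__ == "__main__":
    for finding in audit_job(SAMPLE_JOB):
        print("WARN:", finding)
```

To check the real agent, call audit_plist on ~/Library/LaunchAgents/com.podman.machine.plist. Pointing the two log keys at a directory only you can write to, such as one under ~/Library/Logs, clears the temp-directory findings.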
Performance Gains
The performance improvements have been substantial:
- Faster startup: Podman machines start in seconds, not minutes
- Lower memory footprint: No heavy daemon consuming resources in the background
- Snappier container operations: Building, running, and managing containers feels more responsive
- Better system integration: Less interference with other development tools
Conclusion
The migration from Docker Desktop to Podman has been one of the most painless tool switches I've experienced. The combination of improved security, better performance, and seamless compatibility makes Podman a compelling choice for developers looking to optimize their containerization workflow.
For Python developers like myself, the transition offers particular benefits: faster container builds, more efficient resource usage for development environments, and the peace of mind that comes with improved security practices.
If you're experiencing Docker Desktop fatigue or simply want to explore a more secure, performant alternative, I highly recommend giving Podman a try. The installation is quick, the learning curve is virtually non-existent, and the performance benefits are immediately noticeable.
The best part? You can always switch back if needed—but I doubt you'll want to.