Running Podman in production for years now, and I don't miss the Docker daemon one bit.

I just published a deep dive on managing OCI containers the Unix way: daemonless, rootless, and natively integrated with systemd via Quadlets.

I cover:
- Real secrets management
- Auto-updates via systemd timers
- The Docker compatibility layer

This is the guide I wish I had when making the switch.

Read it here: https://blog.hofstede.it/podman-in-production-quadlets-secrets-auto-updates-and-docker-compatibility/

#Podman #Linux #DevOps #Systemd #Homelab #Sysadmin #Containers

Podman in Production: Quadlets, Secrets, Auto-Updates, and Docker Compatibility

An opinionated production-ops guide to Podman on Linux servers - why I prefer it over Docker, how Quadlets replace Compose files, and practical patterns from real deployments including secrets mana...

Larvitz Blog

@Larvitz amazing guide, thanks for that! I started to write something similar last year, but never got far.

I quickly skimmed it, and I have one practical tip, though: it would be good to add how to create a service user, configure lingering, set XDG_RUNTIME_DIR and check if podman is working properly (including reboots; in some cases podman falls back to keeping running data on a file system which is persistent, not temporary, and refuses to start). You'd never guess how I struggled with it a few years ago when I was starting with podman on a remote VM over ssh.

And I especially thank you for showing the traefik approach! I'm now manually configuring nginx, and it's quite a boring task.
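
The checks the reply above asks for, sketched as an added example (not from the original post, the reply, or the linked guide). It assumes a systemd-logind host with GNU `stat`; the account name `svc-podman` and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: preflight for a rootless Podman service account.
# Run it as the service user after a reboot, e.g. over ssh.
# One-time setup as root (account name "svc-podman" is hypothetical):
#   useradd --create-home svc-podman
#   loginctl enable-linger svc-podman

# The per-user runtime directory that systemd-logind creates for a UID.
expected_runtime_dir() { printf '/run/user/%s\n' "$1"; }

# Prints "ok" when path $2 is at or below /run/user/$1, otherwise "fallback".
classify_run_path() {
    want=$(expected_runtime_dir "$1")
    case "$2" in
        "$want"|"$want"/*) echo ok ;;
        *) echo fallback ;;
    esac
}

# True when lingering is enabled for user $1.
linger_enabled() {
    loginctl show-user "$1" --property=Linger 2>/dev/null | grep -qx 'Linger=yes'
}

preflight() {
    uid=$(id -u); user=$(id -un); rc=0
    if ! linger_enabled "$user"; then
        echo "FAIL: lingering is off for $user"; rc=1
    fi
    if [ "$(classify_run_path "$uid" "${XDG_RUNTIME_DIR:-}")" != ok ]; then
        echo "FAIL: XDG_RUNTIME_DIR='${XDG_RUNTIME_DIR:-}', expected $(expected_runtime_dir "$uid")"; rc=1
    elif [ "$(stat -f -c %T "$XDG_RUNTIME_DIR" 2>/dev/null)" != tmpfs ]; then
        echo "FAIL: $XDG_RUNTIME_DIR is not on tmpfs"; rc=1
    fi
    # Where Podman keeps its run-time state; it should sit under the runtime dir.
    runroot=$(podman info --format '{{.Store.RunRoot}}' 2>/dev/null) || runroot=
    if [ "$(classify_run_path "$uid" "$runroot")" != ok ]; then
        echo "FAIL: podman run root is '${runroot:-unknown}', not under the runtime dir"; rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK: rootless podman environment looks sane for $user"
    return "$rc"
}

# Run the checks only when invoked as: sh preflight.sh check
if [ "${1:-}" = check ]; then preflight; fi
```

Running it once before and once after a reboot covers the case the reply describes, where the state only goes wrong on the next boot.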