Docker-Specific Guide
Docker vs Podman
This project prioritizes Podman (OCI-compliant, rootless, daemonless). For Docker, convert commands:
# Podman → Docker
podman build -t name . → docker build -t name .
podman run -d name → docker run -d name
Key Differences
SELinux
Podman: Native support, use :Z or :z for volumes
podman run -v ./data:/data:Z name
Docker: Requires selinux mount option
docker run -v ./data:/data:Z name # May not work
docker run --security-opt label=type:container_t name
Rootless
Podman: Default rootless operation
podman run -d -p 8080:8080 name # Works as user
Docker: Requires rootless daemon setup
dockerd-rootless-setuptool.sh install
Systemd
Podman: Native integration
podman generate systemd --new name
Docker: Use third-party solutions
Docker Files
Use Dockerfile instead of Containerfile:
docker build -f assets/Dockerfile.alpine -t argparse-builder .
Docker Compose
Standard docker-compose.yml works, but note SELinux limitations:
services:
  app:
    volumes:
      - ./data:/data # No :Z support in Docker Compose
Workaround:
chcon -Rt container_file_t ./data # Pre-label directory
Migration to Podman
- Replace docker with podman in commands
- Add :Z to volume mounts for SELinux
- Use rootless by default
- Generate systemd units with Podman
See docs/container.md for the full Podman guide.
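The first two migration steps (replace docker with podman, add :Z to volume mounts) can be applied mechanically to an existing command line. The script below is an added example, not part of this project; relabel_mount and to_podman are hypothetical helper names, and the short list of system directories that are never relabelled is an assumption made for this example.

```shell
#!/bin/sh
# Added example; relabel_mount and to_podman are hypothetical helper names.

# Add :Z to a HOST:CONTAINER[:OPTS] bind mount unless it is already labelled.
relabel_mount() {
    spec=$1
    case $spec in
        *:*) ;;
        *) printf '%s' "$spec"; return ;;      # anonymous volume, no host part
    esac
    host=${spec%%:*}
    case $host in
        /|/etc|/home|/usr|/var)                # constructed deny-list: never
            printf '%s' "$spec"; return ;;     # relabel system directories
        ./*|../*|/*) ;;                        # bind mount from a host path
        *) printf '%s' "$spec"; return ;;      # named volume, nothing to label
    esac
    rest=${spec#*:}                            # CONTAINER[:OPTS]
    case $rest in
        *:*) opts=${rest#*:} ;;
        *)   opts= ;;
    esac
    case ",$opts," in
        *,z,*|*,Z,*) printf '%s' "$spec" ;;    # label option already present
        ,,)          printf '%s:Z' "$spec" ;;  # no options yet
        *)           printf '%s,Z' "$spec" ;;  # append to existing options
    esac
}

# Print the Podman form of a docker command line given as arguments.
# Arguments are joined with spaces, so this is for review, not for eval.
to_podman() {
    if [ "$1" = docker ]; then shift; fi
    out=podman
    while [ $# -gt 0 ]; do
        case $1 in
            -v|--volume)
                [ $# -ge 2 ] || { echo "missing volume spec" >&2; return 2; }
                out="$out $1 $(relabel_mount "$2")"; shift 2 ;;
            --volume=*)
                out="$out --volume=$(relabel_mount "${1#--volume=}")"; shift ;;
            *)  out="$out $1"; shift ;;
        esac
    done
    printf '%s\n' "$out"
}

to_podman docker run -d -v ./data:/data name   # constructed sample input
```

Arguments after the image name are not distinguished from options, so a container command that itself takes -v needs a manual check.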