Stop Using Docker. Use Open Source Instead

you know how people say Google it to describe  any online search where I'm from we use Jeep to describe any 4x4 vehicle the same goes for  Zoom when describing video conferencing this is exactly what happens with Docker think about it  you use Docker Bill Docker tag Docker cre Docker run I've been doing the same for over 10 years now  as a devops engineer and then as a cloud architect but it's 2024 and there are different container  run times now look at the most popular kubernetes services for example they're not actually running  Docker the back and runtime is something else like container D these Alternatives follow the oci  which is the open container initiative which was created to standardized container specifications  so you're not locked into one solution but why am I even telling you this well Docker the  company wasn't making enough money about 2 years ago they decided to monetize their CLI  usage for instance when you use Docker push or Docker pull without specifying a registry  the docker CLI automatically uses dockerhub their manage registry but dockerhub is in the  only option suddenly companies using dockerhub for pushing and pulling images throughout the day  started hitting rate limits their work ground to a halt unless they pay Docker for a token sure you  can solve this by switching Registries use awcr Google GCR GitHub Quay and a bunch of others but  here's the real issue just like dockerhub you now have to pay to use Docker on your own machine if  you're on a Mac running Docker desktop for example and you're running Docker build or Docker run  Docker push etc for commercial purposes you might be breaking the law and if you don't want to end  up floating in the middle of the ocean locked in a shipping container because that's what they do  with container criminals right you might want to reconsider your next move if your company isn't  paying for Docker licenses consider podman it's open source it does everything Docker does so  basically a drop-in replacement with a simpler CLI that's free for both commercial and personal  use it's faster it's safer it's demm and less and we'll get to all of that and here's how it works  podman as the landing page suggests is the best free and open source container tool system and it  is downloadable for any major platform to make my life easier I just went with Brew but any method  works with podman ready to go we can start using its Man pages for all options and necessary  explanations which are also available in its brief version through the help flag okay let's get  cracking the first thing you want to do if you're not right running on Linux is creating a podman  machine containers run natively on Linux platforms and in my case Mac OS requires an intermediary  when it's initiated you can start it and there we are podman machine LS will provide the list  of running machines and as a nual hipster I have to show off and detect columns to have a pretty  table machine data that I can select the name from specifically more unnal and how it improved  my workflow in the video above I've mentioned that podman is first and foremost a drop in replacement  for Docker and it is we can search for images with podman search here's a list of available red  images which again I'll pretty print with my shell to make them more readable podman comes with  a very useful filter flag allowing us to grab only official images which is what you're looking  for nine out of 10 times unless you're a fan of running Rogue applications built in the Wild by  strangers let's run a container much like Docker we provide a port mapping an image and all other  flags that translate directly you can basically alas Docker to podman and for the most part  you're not going to see the difference so engine X is running let's grab a browser and prove  that there's no black magic here and there we are welcome to engine X like Docker PS pman PS shows  running containers like Docker podman uses minus D to run detached containers in the background  here's engine X again and here's the container listed by podman with all the usuals as Docker  outputs in ID image command status ports and those r names which if you ever wondering how they make  out these great names it's not AI it's just a long long dictionary of names combined together into  hilarious results before we dive in let me tell you about today's sponsor twing gate the smart  way to secure your remote access you know how traditional vpns are like having a single Fortress  gate once someone's in they can wander anywhere well twin gate flips this model on its head with  zero trust security think of it as a modern city where every District requires its own access path  much safer right but here's what's really cool especially For You developers out there twing  a now seamlessly integrates with kubernetes so instead of bouncing between engineering and it  teams you can configure secure access right in your yaml files it's all part of the regular  engineering flow no contact switching needed setup takes minutes not days and works across  all of your devices plus you get Enterprise grade security without the Enterprise grade headaches  whether you're managing a remote team or running complex kubernetes deployments twing gate handles  the security heavy lifting and you can focus on what really matters building great software ready  to level up your remote access security head over to tate.com for a free trial and see why thousands  of teams trust twing gate with their secure access needs so our stoic Woo is ready to be killed we  can use the name or ID let's go with the ID and it's gone now here's a trick for you container  users both Docker and podman support PS minus Q resulting in a quiet list of IDs so you can do it  with any number of containers but especially when you have one of them you can run podman kill and  then wrapped in a subshell command grab the ID of the container you have using podman PS minus Q  if there's more than one you can pick the last one using minus minus last one moving on like  Docker pman has the top subcommand with running processes which if we tidy up a little shows the  current container it's running processes and how much they're consuming now here's an important  differentiator of podman while Docker needs its Docker socket to run which is also running as root  podman is demon lless and rootless if you grab processes mentioning podman there are none but  Docker needs a bunch of them let's grab the user off of the ls output for Docker socket to prove  the point so these are critical but rather basic differences you're not going to mine daily what  is actually the best selling point for podman is actually in its name pods if you're thinking about  kubernetes you're not alone podman unlike Docker lets you gather multiple containers in pods and  have them run together to access them through the CLI podman comes with podman pod which we can then  run PS on to grab a list of running pods let's create one and name it web app sorry for the lack  of creativity here now you may be surprised this seats already running even before we even told it  to run anything every pods runs an internal infra container an infra container is a lightweight  container used to coordinate the shed kernel namespace of a pod which is just fancy words  saying it's an admin layer to help making sure everything is in order let's pour some stuff into  the new P we can run minus D for detached point the command to so name the container red and run  well redish we've got too much information here to view the running containers so let's grab the  not so beautifully parsed number under the column named hash showing us two of them we can also run  pod inspect to see the same Json including both hash and state okay let's test it the nice thing  about containers in a pod is that they don't have to have anything special to communicate with  each other and can basically ping each other using Local Host let's run a third container in  the Pod using minus minus RM we'll make sure it's deleted as soon as it's exited and use reddis CLI  with Local Host as the target host to send a redis command and let's write the key named my key which  will hold hello from reddis we've got good result from the server which is nice so let's run another  verification to read the key same idea just get my key and there's our string hello from redes cool  so far nothing fancy but it works if you want to run a container and connect to it within the Pod  same as with Docker we can exit into it connecting to a shell since Alpine doesn't come with bash  we'll just use the oldest Sage install R quickly and send a ready sping to Local Host that comes  back with pong all working as expected by the way here's something cool by reddish if we try to crl  Local Host with reddish port and just to see what happens in a split let's pop the red logs on  screen I get an empty reply from the server but the logs below actually showing redis has  detected my attempt as a security attack so it blocks non-standard radi communication altogether  I didn't know that is even possible before right so far so good but if you're using or planning to  use kubernetes the next feature is a real killer let's let's say that we want to create a separate  new application with engine X and postgress as an example we'll run engine X and call it web and  then run postgress and call it DB check this out we can now run podman generate Cube web DB  and I'll send it to a yaml file so we can easily review the output now look at that a kubernetes  caml ready to go using my two containers in a pod with volumes mounts and everything you need to  throw it in a cluster but before we'll do that we have a yaml right what if we want to recreate  it check this podman play cube and a yaml lets you run the kubernetes yaml files describing your  pods locally with our deployment running podman PS reveals engine X and postgress just started  and running podman pod PS shows it as a running pod are you thinking what I'm thinking there's  no way this actually runs in a cluster so let's do exactly that first off a small adjustment  our deployment holds volumes and I'd have to create them in kubernetes with this name so  let me elegantly shorten the name and send the volume Mount to basically nowhere using empty  deer if these kind of things interest you and you want to dive deeper check this out if all that  kubernetes stock is actually getting you curious and you'd like to jump in I have a getting started  self-based digital Workshop just for you it'll get you from absolute novice to running your own  cluster with a running web application a database and everything you need to get yourself familiar  with the basics and create some working experience check the description for more with the yam ready  let's make sure mini cube is on mini cube is also covered thoroughly in my workshop if that's of  Interest okay the cluster is empty let's apply the Pod and voila it's created now there's an  error due to postris naturally not being able to find the volume but nevertheless the code is  applied and accepted by the cluster that is a big win we can even query some logs with cctl to see  engine ex starting its workers in the background last but very much not least podman comes with  podman desktop a UI that does a lot when you first first launch it it offers onboarding with  some extremely useful extensions like being able to use podman compose like Docker compose with  existing setups out of the box as well as cube CTL for other options from within the UI with that out  of the way here's the UI showing podman and Docker running will kill Docker for a minute to show the  indication turning off under the containers tab we get all of the containers in the system whether  active or exited choosing a running container will present some data live feed of logs we can inspect  the config from the UI and get a kubernetes manifest ready for deployment but beyond all  that there's a terminal shell attached to the container which we can use directly to debug my  container immediately that's some good stuff right there here's our web up pod from earlier showing  multiple containers running under the same roof we can also see images downloaded volumes in the  system and get this a kubernetes dashboard what this is worth having even if you skip everything  I've said so far let's get Docker back on so we can have our local Mini Cube back in operation  and with mini Cube on here's everything in a UI the mini Cube nodes Services yaml config Maps  even an option to configure port forwarding now while this is currently pointing at my local Mini  Cube I can change it to any other cluster I have configured and explore it remotely using podman  desktop so you've got yourself an open-source alternative to Docker and you're almost ready to  take on kubernetes but a container manager is just to start here's a video with extremely useful  tools I incorporated into my own workflow over the past decade I'm sure you'll be surprised thank  you for watching and I'll see you on the next one

Supercharge your security with Twingate: https://www.twingate.com/pricing?utm_source=youtube&utm_medium=referral&utm_campaign=devopstoolbox_q1_2025 ✅ Build a Second Brain With Neovim in Under 90 Minutes: https://learn.omerxx.com/courses/second-brain-neovim ✅ Zero To KNOWING Kubernetes in Under 90 Minutes: https://learn.omerxx.com/courses/k8s-from-scratch Podman is the open source alternative to Docker, but it's more than just OSS, rootless containers, no hypervisor, running local pods and generating kubernetes resources is only part of what this toolkit can do! - https://podman.io - https://github.com/omerxx/dotfiles ⌨️ The keyboard on this video is the Dygma Defy: http://dygma.com/DEVOPSTOOLBOX ⚡ Tech I use: https://kit.co/omerxx/my-battle-station