blog.liw.fiposts2025 I don't like Docker or Podman

Docker) is very popular software to build Linux container images and running software in them. I don't like it.

Podman is a re-implementation of the concept, command line interface, and file formats that is very close to identical to Docker. I don't like that either.

I know I'm in the minority about this, and that's OK. I'm not trying to get anyone else to stop using it, but I avoid it myself. This blog post rant is a summary of why.

  • Merely installing Docker on a machine has broken its network configuration, more than once. I now refuse to install it at all, except in a virtual machine for that purpose. I don't know why things broke, and I'm not interested in finding out why, as I don't want to use the software in any case.

  • The command line interface is really badly designed. It's ugly, hard to learn, difficult to remember, illogical, inconsistent, and just makes no sense to me at all.

  • The design of the language in Dockerfile is ad hoc in a bad way. It's difficult to understand, for me, and easy to make mistakes.

  • The documentation for Docker and its file formats is difficult for me to find things in. I find the documentation to be generally unhelpful, and this includes both the awful, badly formatted, non-idiomatic manual pages, and the maze of web pages published by the Docker company.

  • The Docker Hub, where people publish container images they've built, has a problem with malware, and licensing of the software in the containers. I don't want to have to be super-duper careful when using containers to avoid installing stuff that causes problems. I'm spoiled by decades of Debian use, and I want to trust my sources of software.

  • The state of the Docker Hub and its images also tells me the Docker company doesn't take any responsibility to avoid causing or spreading harm to others.

  • The images that I tell the Docker software to download or build are stored in a hidden location in my home directory. The directory can easily grow to tens of gigabytes with minor use of Docker. That was another nasty surprise. I can configure the location, but first I need to realize I need to.

Podman is nearly identical to Docker, from a user point of view. It's implementation is a little less likely to break things on my machines, but it's otherwise exactly as unpleasant and inconvenient to use as Docker is. I avoid Podman as well.

I've used systemd-nspawn fairly extensively to run things in containers. It's a much simpler container system than Docker, and I do not find it objectionable. I built a CI engine on top of it. But I don't use it either, any more.

I prefer to use virtual machines. They're slower to set up, and start up a little slower too, but they're convenient for me, and I understand them well. They also behave more like a real Linux system running on bare metal hardware than containers do. There are fewer limitations that get in my way.

This blog post is not a request for you try to explain Docker, Podman, or containers to me, or for you to tell me how I can learn more about them. I am not interested.