Our original goal with Podman was to provide a fully-featured debugging experience for CRI-O, but it has become so much more. Podman 1.0.0 is a fully-featured container engine. It provides a Docker-compatible command line to ease the transition from other container engines. Most Podman commands can be run as a regular user, without requiring additional privileges. Furthermore, all of this is accomplished without a daemon!
Podman made its first public release, v0.2, a little less than a year ago. We’ve come a long way since then, adding new features like:
We’ve kept our eyes firmly on stability, fixing over 150 bugs. We’ve also worked on performance, making sure all common operations are optimized. While it is an iterative process, we are pleased with where we stand today. With that, we’re excited to announce that Podman is ready for prime time, and it is ready for you.
A key focus of Podman is around security. In addition to support for rootless containers, we’ve added many other security features. Great support for User Namespaces has resulted in better container separation. The
podman top command will tell you what security features are enabled for processes within containers. Podman’s daemonless fork/exec model preserves audit information on containers.
This is just the beginning, and we have plans for much more. For example, numerous improvements are planned for rootless Podman, pod support, the Varlink API, and automatic user namespace separation. If you find a feature missing from Podman, feel free to open an enhancement request on our Github. We love your feedback, and many of our best ideas come from users and contributors.
Finally, the Podman team would like to thank all our contributors. Everyone who submitted code, improved documentation, or reported bugs has been a great help.
A few of the biggest changes from Podman 1.0.0 include:
podman play kubecommand, which creates Podman pods based on Kubernetes pod YAML.
podman createcommands now support the
--initflag, to run a minimal init process in the container.
podman image signcommand to sign container images.
As always, please visit our release notes on GitHub to see the full changelog.
You can find instructions for installing Podman here