[mleonard]

How does Sysbox compare to Podman?

(If I remember correctly you can run systemd in a podman container and/or run a podman container with systemd.

[rmolina]

We haven't had enough cycles to look at Podman in details (yet), but my understanding is that Podman and Docker serve similar purposes: they are high-level runtimes. (i'm obviating important nuances though and i'm not podman expert).

Sysbox, on the other hand, acts as a low-level runtime (same as runc), so we could potentially integrate with Podman too. In fact, we could _potentially_ integrate with anything that speaks OCI spec.

Having said that, we are not there yet, as for example sysbox wouldn't work with Podman in rootless mode right now; it should work in regular mode though, but we haven't tried it yet. If we accomplish this, it would allow podman to launch a larger set of applications too, same as we are doing for Docker.

[jdoss]

Podman can use runc or their own runtime crun https://github.com/containers/crun so it should be able to work without much drama :tm:

[rmolina]

Interesting. Thanks @jdoss!

[Klasiaster]

Yes, the situation even improved with the latest releases:

  podman run -ti --security-opt label=disable --security-opt seccomp=unconfined --cap-add SYS_ADMIN --env STORAGE_DRIVER=vfs quay.io/podman/stable sh -c "dnf update -y; podman run hello-world"

[ctalledo]

Thanks; one thing I may have omitted mentioning is that Sysbox works with the fast overlayfs storage driver, meaning that when you do use it for Docker-in-Docker for example, both the outer Docker and the inner Docker are using overlayfs (as opposed to the slower vfs driver).