|
|
|
|
|
|
by eriksjolund
1306 days ago
|
|
|
Podman has a feature that Docker does not yet have: Socket activation of containers.
I created a proof-of-concept demo of how to run an nginx container with rootless Podman and socket activation. Using socket activation has some security and performance advantages: - Native network performance over the socket-activated socket - Possibility to restrict the network in the container - Possibility to at the same time restrict the network in Podman and the OCI runtime - The source IP address is preserved - Podman installation size can be reduced |
|
|