Podman?

[hrstoyanov]

Any plans to support Podman in Uncloud?

... No need to run docker daemon singke-point-of-failure in privileged mode, less memory consumption, etc.

[psviderski]

tl;dr Podman is not on our radar in the near future.

Please see the issue on the same question: #101 (comment)

Here is also my thoughts on the Podman support and rootless containers from Discord: https://discord.com/channels/1371726032104587335/1371736048832348200/1428220924108476446

Uncloud daemon on each machine itself is not rootless at the moment and uses a very similar control model to Docker. It requires root to only (re)configure network. Theoretically, we can separate it into two processes but it's one for now for simplicity. Not sure if this is concerning for your use case.

With regard to rootless containers (managing containers with non-root user + use user namespaces inside containers), I believe using rootless docker or even just enabling user namespaces in docker will provide a comparable security posture.

I think supporting two container runtimes at this stage would add a lot of overhead on development with little benefits for the majority of users (I could be wrong though). Also, given that the image push feature already has a dependency on containerd, it would require a custom implementation for the podman image store layout as well. See https://github.com/psviderski/unregistry project for details.

Overall, I think it makes more sense to add support for plain containerd to make container management more flexible if really needed (essentially how k8s replaced docker with containerd as the default container runtime). However, if there is a huge demand for podman with strong convincing reasons, then someone may try to develop at least a PoC first.
But I'm afraid that with the current dev/maintenance bandwidth, this is one of the things that might just kill the project.