Docker is still excellent, but for my workflow Podman is the better default. I use it for both local development and home infrastructure.

1. Daemonless architecture

Docker relies on a central daemon. Podman does not.

Why that matters:

  • Fewer moving parts
  • Better process model (containers are normal child processes)
  • Easier troubleshooting with standard Linux tools

2. Rootless-first model

Podman makes rootless containers a normal path, not an afterthought.

Benefits:

  • Smaller blast radius if a container is compromised
  • Better multi-user isolation
  • Cleaner security posture for personal servers
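To make the blast-radius point concrete, this added example (not from the original post) computes which host UID a process in a rootless container actually runs as. It assumes Podman's default rootless mapping (container UID 0 to the invoking user, higher UIDs to that user's /etc/subuid ranges); the users `alice` and `bob`, their ranges, and the function name `host_uid_for` are constructed for illustration.

```shell
#!/bin/sh
# Added example: host UID that a process in a rootless Podman container runs as.
# Default rootless mapping: container UID 0 -> the invoking user's own UID;
# container UIDs 1..N -> that user's subordinate ranges from /etc/subuid, in order.

# Constructed sample in /etc/subuid format (name-or-uid:start:count).
SAMPLE_SUBUID='alice:100000:65536
bob:165536:65536'

# host_uid_for USER USER_UID CONTAINER_UID [SUBUID_TEXT]
# Prints the host UID; prints "unmapped" and returns 1 if the container UID
# falls outside the user's subordinate ranges.
host_uid_for() (
  user=$1; user_uid=$2; cuid=$3; subuid=${4:-$SAMPLE_SUBUID}
  if [ "$cuid" -eq 0 ]; then
    echo "$user_uid"; exit 0      # container root is just the unprivileged user
  fi
  remaining=$((cuid - 1))         # offset into the subordinate UID space
  while IFS=: read -r name start count; do
    # Entries may be keyed by login name or by numeric UID.
    if [ "$name" = "$user" ] || [ "$name" = "$user_uid" ]; then
      if [ "$remaining" -lt "$count" ]; then
        echo $((start + remaining)); exit 0
      fi
      remaining=$((remaining - count))   # continue into the next range
    fi
  done <<EOF
$subuid
EOF
  echo unmapped; exit 1
)

echo "container root     -> host UID $(host_uid_for alice 1000 0)"
echo "container UID 101  -> host UID $(host_uid_for alice 1000 101)"
```

On a real host, `podman unshare cat /proc/self/uid_map` prints the mapping in effect for your user, which you can compare against this calculation.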

3. CLI compatibility with Docker habits

Most day-to-day commands map directly:

podman pull nginx
podman run -d --name web -p 8080:80 nginx
podman ps
podman logs -f web
podman exec -it web sh

If needed, aliasing docker=podman works for many workflows.

4. Systemd integration is excellent

For homelab services, systemd integration is a major win.

You can generate and manage service units cleanly, then use standard host tooling for restart policies, dependencies, and startup ordering.

5. Compose support is good enough for real use

With podman compose, most common Compose files run fine. For advanced edge cases, small syntax tweaks are sometimes needed, but for Pi-hole, reverse proxies, monitoring, and app stacks it is usually smooth.

6. Better fit for NixOS and immutable workflows

In NixOS-centric setups, daemonless tools and declarative service definitions align well. Podman feels natural in that model, especially when combining:

  • Declarative host config in Nix
  • Container workload separation
  • Reproducible rebuild mindset

Where Docker still wins

I still pick Docker when:

  • A team depends on Docker Desktop-specific integrations
  • Vendor docs/scripts assume Docker-only behavior
  • A CI environment is already standardized around Docker daemon features

Use the tool that matches constraints, not ideology.

Quick migration pattern

  1. Install Podman.
  2. Start by running existing containers with podman run.
  3. Move compose projects with podman compose up -d.
  4. Validate volumes, network names, and health checks.
  5. Convert long-running services to systemd-managed units.

Bottom line

Podman gives me safer defaults, less daemon complexity, and better Linux-native operations. For solo projects and homelab services, that tradeoff is usually worth it.