Podman Part6
Multiple users can run containers and pods simultaneously without conflicts, as there is no contention for a central daemon.
The absence of a central daemon simplifies the user experience. Podman commands are more
predictable and closely mimic traditional command-line utilities. Users don't have to worry about
managing the state of the daemon or dealing with daemon-specific issues.
Podman strives to be compatible with Docker commands and container images. This means that
users familiar with Docker can often transition to Podman with minimal friction.
In Podman, a container is an ordinary process in the user's own process tree. When you run a Podman command to start a container, `podman` forks a small per-container monitor process, conmon, which in turn starts the container's main process; `podman` itself can then exit. Starting a container is therefore like starting any other process on your system, which makes it easier to understand and manage with the usual tools (`ps`, `pstree`, resource accounting).
Podman's daemonless architecture offers more control, better security, and simpler container management, making it a versatile choice for containerization needs.
Security:
Without a long-running daemon there is no privileged socket (Docker's `/var/run/docker.sock` is the classic example) whose compromise hands an attacker control of every container on the host. Each Podman operation runs as the invoking user, with only that user's privileges, which reduces the attack surface.
With Podman, container operations are bound to the user's own permissions. Users can create, manage, and run containers without superuser privileges, and access is governed by ordinary Unix permissions (file ownership, groups, subordinate ID ranges) rather than by membership in an all-powerful group that is equivalent to root.
Multiple users can independently use Podman to manage containers on the same system without
conflicts or contention for resources.
Portability:
Podman's "no daemon" approach makes it suitable for various deployment scenarios, including
development, testing, and production environments. It doesn't impose the requirement of running a
daemon process.
Here are some common Podman commands and how they relate to the absence of a daemon:
`podman run`: Creates and runs a container directly, without a daemon. The container's process is started under a small monitor process (conmon) in the invoking user's session and runs with the user's permissions.
`podman ps`: It lists the running containers, and again, this information is retrieved without
relying on a daemon.
`podman images`: Lists the container images available on the system. No daemon is required
to maintain an image repository.
`podman pod`: Manages pods, which are groups of containers. Pods, like individual
containers, don't rely on a background daemon.
`podman build`: Builds a container image from a Containerfile (or Dockerfile). The build is carried out by the `podman` process itself; no daemon is involved.
`podman volume`: Manages storage volumes for containers. No daemon is needed to
manage these volumes.
Containers created with Podman remain running as long as their processes are active. Podman
doesn't require a separate daemon to keep containers alive.
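To make the "container as an ordinary process" point concrete, here is an added example (not code from the original page or from the Podman project). The `parent_comm` function walks a constructed, labelled sample of `ps -eo pid,ppid,comm` output to show who the container's parent really is once `podman run -d` has returned; `show_live` does the same against a real rootless Podman when the script is invoked with the argument `live`. The container name `web` and the sample PIDs are assumptions for illustration.

```shell
#!/bin/sh
# Added example: a Podman container is an ordinary process in the user's own
# process tree, supervised by conmon, not by a long-running daemon.
set -eu

# Print the command name of the parent of process PID, given the text of
# `ps -eo pid,ppid,comm` in $1. Prints nothing if PID is not in the listing.
parent_comm() {
    ps_output=$1
    pid=$2
    ppid=$(printf '%s\n' "$ps_output" | awk -v p="$pid" '$1 == p { print $2 }')
    printf '%s\n' "$ps_output" | awk -v p="$ppid" '$1 == p { print $3 }'
}

# Constructed sample (assumption, not captured from a real host) of what the
# process table looks like after `podman run -d --name web nginx` returns:
# the `podman` process has already exited, conmon was reparented to init
# (PID 1, here systemd), and the container's main process hangs off conmon.
SAMPLE_PS='PID PPID COMMAND
1 0 systemd
1234 1 conmon
1240 1234 nginx
1241 1240 nginx'

# Same check against a live rootless Podman. Uses only documented
# `podman inspect` fields (.State.Pid, .State.ConmonPid).
show_live() {
    cid=$(podman run -d --name web docker.io/library/nginx)
    init=$(podman inspect --format '{{.State.Pid}}' "$cid")
    conmon=$(podman inspect --format '{{.State.ConmonPid}}' "$cid")
    echo "container init $init is $(ps -o comm= -p "$init"), parent: $(ps -o comm= -p "$conmon")"
    echo "conmon $conmon is supervised by: $(ps -o comm= -p "$(ps -o ppid= -p "$conmon" | tr -d ' ')")"
    podman rm -f web >/dev/null
}

if [ "${1:-}" = live ]; then
    show_live
fi
```

On the sample, the parent of the container's main process (PID 1240) is `conmon`, and conmon's own parent is init, which is the whole point: nothing called `podman` or `dockerd` sits above the container, so killing or restarting a management process cannot take the container down with it.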
Because each `podman` invocation is an independent process, several can run concurrently without being serialised through a single daemon. This can make container operations faster, especially when many containers are started or stopped at once.
No Need for Sudo:
Running containers with Podman often does not require the use of `sudo` or administrative
privileges, making it more accessible to non-admin users.
Podman borrows the pod concept from Kubernetes to group containers that share namespaces. Managing pods and the containers within them is also daemonless and user-friendly.
This "no daemon" architecture aligns with the principles of simplicity, security, and resource efficiency, making Podman a compelling choice for container management, especially in environments where minimizing overhead and enhancing security are important considerations.
Rootless Containers:
Rootless containers in Podman allow you to run containers as a non-root user, providing improved
security by reducing the attack surface and minimizing the potential impact of container
vulnerabilities. With rootless containers, you don't need root (administrator) privileges to create and
manage containers. Here's how to work with rootless containers in Podman:
Ensure that rootless containers are enabled on your system. Podman supports rootless containers out of the box on most distributions, but it is worth verifying the prerequisites: your user needs a range of subordinate UIDs and GIDs in `/etc/subuid` and `/etc/subgid` (65536 IDs is the usual allocation), the `newuidmap` and `newgidmap` setuid helpers must be installed, and the kernel must allow unprivileged user namespaces. `podman info` reports whether it is running rootless and which cgroup version and network backend it is using.
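The checks above, as an added preflight script (my code, not from the original page or the Podman project). `subid_range_size` sums the subordinate ID ranges a given file grants to a user; `rootless_preflight` applies it to `/etc/subuid` and `/etc/subgid`, confirms the mapping helpers and the kernel settings, and asks `podman info` for its own view when Podman is installed. The function names and the 65536-ID threshold are my assumptions; the files, binaries, sysctls and `podman info` fields it reads are the real ones.

```shell
#!/bin/sh
# Added example: preflight checks for rootless Podman. Run as the user who
# will run the containers: sh preflight.sh run
set -eu

# Total number of subordinate IDs that FILE (/etc/subuid or /etc/subgid)
# grants to USER, or 0 if there is no entry. Lines look like
# "alice:100000:65536" (user, first ID, count); a user may have several.
subid_range_size() {
    file=$1
    user=$2
    awk -F: -v u="$user" '$1 == u { total += $3 } END { print total + 0 }' "$file"
}

# Returns 0 if everything rootless Podman needs is present, 1 otherwise.
rootless_preflight() {
    user=$(id -un)
    ok=0
    for f in /etc/subuid /etc/subgid; do
        n=$(subid_range_size "$f" "$user")
        if [ "$n" -ge 65536 ]; then
            echo "ok:   $f grants $n IDs to $user"
        else
            echo "FAIL: $f grants only $n IDs to $user (need >= 65536)"
            echo "      fix: sudo usermod --add-subuids 100000-165535 --add-subgids 100000-165535 $user"
            ok=1
        fi
    done
    # newuidmap/newgidmap (package uidmap or shadow-utils) write the ID maps.
    for bin in newuidmap newgidmap; do
        if command -v "$bin" >/dev/null 2>&1; then
            echo "ok:   $bin found"
        else
            echo "FAIL: $bin missing"
            ok=1
        fi
    done
    # Some distributions ship with unprivileged user namespaces disabled.
    if [ -r /proc/sys/kernel/unprivileged_userns_clone ] &&
       [ "$(cat /proc/sys/kernel/unprivileged_userns_clone)" = 0 ]; then
        echo "FAIL: kernel.unprivileged_userns_clone=0"
        ok=1
    fi
    if [ -r /proc/sys/user/max_user_namespaces ] &&
       [ "$(cat /proc/sys/user/max_user_namespaces)" = 0 ]; then
        echo "FAIL: user.max_user_namespaces=0"
        ok=1
    fi
    # A rootless container can only publish host ports at or above this value.
    if [ -r /proc/sys/net/ipv4/ip_unprivileged_port_start ]; then
        echo "info: lowest host port a rootless container may publish: $(cat /proc/sys/net/ipv4/ip_unprivileged_port_start)"
    fi
    # Podman's own view: rootless mode, cgroup version and network backend.
    if command -v podman >/dev/null 2>&1; then
        podman info --format 'info: rootless={{.Host.Security.Rootless}} cgroups={{.Host.CgroupsVersion}} network={{.Host.NetworkBackend}}'
    fi
    return $ok
}

if [ "${1:-}" = run ]; then
    rootless_preflight
fi
```

The script exits non-zero when any check fails, so it can be dropped into a provisioning pipeline. Cgroup v2 is worth confirming in the `podman info` line: on cgroup v1 hosts rootless containers cannot apply CPU or memory limits.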
Any container started by a non-root user is a rootless container; no special flag is required. Running `podman run` as a regular user with `-d` and a `--name` creates a detached container named "my-rootless-container" running the Nginx web server, exactly as root would, except that the whole thing executes with your privileges.
By default the calling user is mapped to root (UID 0) inside the container's user namespace, and every other container UID is mapped to the user's subordinate range. The optional `--userns=keep-id` flag changes that mapping so that the calling user's own UID and GID appear unchanged inside the container, which is convenient when the container writes to bind-mounted directories you own. Note that with `keep-id` the container's main process no longer runs as UID 0, so images that expect to start as root (the official Nginx image, which binds port 80 before dropping privileges, is one) may fail to start.
With rootless containers, you can perform various container management tasks as a regular user,
such as creating, starting, stopping, and removing containers.
For example, you can create a directory for storing container data, then run a rootless container with that directory bind-mounted into it. This lets you manage container data without needing root privileges, although files the container writes as a non-root container user show up on the host owned by one of your subordinate UIDs rather than by you.
$ podman ps
You can interact with rootless containers just like regular containers. For example, you can use
`podman exec` to run commands inside a rootless container:
Rootless containers are networked through a user-mode network stack (slirp4netns, or pasta in newer releases) rather than through a bridge on the host, which isolates them from the host's network namespace. You can still publish ports and use container-to-container networking inside a pod or a user-defined network.
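The data-directory, `podman exec` and port-publishing steps above, as one added example (my code, not from the original page or the Podman project). `host_uid_for` computes which host UID will own a file written by a given container UID under rootless Podman's default mapping; `run_demo` starts the Nginx container with a bind-mounted data directory, prints the live mapping from `/proc/self/uid_map`, and uses `podman unshare` to chown files across that mapping without root. The container name `my-rootless-container`, the `~/container-data` directory and host port 8080 are assumptions for illustration; the Nginx worker UID of 101 is what the official image uses.

```shell
#!/bin/sh
# Added example: a rootless Nginx container with a bind-mounted data
# directory, and the UID arithmetic that explains who ends up owning its files.
# Run with: sh rootless-demo.sh run
set -eu

# Rootless Podman maps container UID 0 to the calling user's own UID, and
# container UIDs 1..N, in order, to the subordinate range from /etc/subuid.
# Print the host UID that owns a file written by CONTAINER_UID, given the
# user's UID and the first subordinate UID.
host_uid_for() {
    user_uid=$1
    sub_start=$2
    container_uid=$3
    if [ "$container_uid" -eq 0 ]; then
        echo "$user_uid"
    else
        echo $(( sub_start + container_uid - 1 ))
    fi
}

run_demo() {
    data_dir="$HOME/container-data"          # assumed location
    mkdir -p "$data_dir"
    echo '<h1>rootless</h1>' > "$data_dir/index.html"

    # Publish host port 8080 -> container 80. A rootless container cannot bind
    # host ports below net.ipv4.ip_unprivileged_port_start (1024 by default),
    # so "-p 80:80" would be refused. ":Z" relabels the directory on SELinux
    # hosts so the container is allowed to read it.
    podman run -d --name my-rootless-container -p 8080:80 \
        -v "$data_dir":/usr/share/nginx/html:Z docker.io/library/nginx

    # The live mapping: "0 <your uid> 1" then "1 <subuid start> <count>".
    podman exec my-rootless-container cat /proc/self/uid_map
    curl -s http://127.0.0.1:8080/

    # Nginx workers run as uid 101 inside the container, so anything they
    # write lands on the host owned by subuid_start + 100.
    sub_start=$(awk -F: -v u="$(id -un)" '$1 == u { print $2; exit }' /etc/subuid)
    echo "files written by the nginx worker are owned by host uid $(host_uid_for "$(id -u)" "$sub_start" 101)"

    # podman unshare enters the same user namespace, so you can chown to a
    # container UID without root...
    podman unshare chown -R 101:101 "$data_dir"
    ls -ln "$data_dir"                        # shows the subordinate UID
    # ...and take the files back (container uid 0 is you).
    podman unshare chown -R 0:0 "$data_dir"

    podman stop my-rootless-container
    podman rm my-rootless-container
}

if [ "${1:-}" = run ]; then
    run_demo
fi
```

If you would rather have files owned by your own UID from the container's point of view as well, add `--userns=keep-id` to the `podman run` line, but then pick an image whose entrypoint does not need to be root, for the reason given earlier.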
Podman also supports rootless pods. You can create and manage pods with multiple rootless
containers. The commands for rootless pods are like those for regular pods, as discussed earlier.
Storage Volumes:
Rootless containers can use storage volumes and bind mounts, just like regular containers. You can
mount directories and use volumes to store and share data.
To stop and remove rootless containers, you can use the same `podman stop` and `podman rm`
commands as you would with regular containers.
$ podman rm my-rootless-container
Rootless containers may be limited in which system resources and features they can use. Some networking features are unavailable to rootless containers (for example, the IP addresses of containers on a rootless network are not reachable from the host, and you cannot attach a container to a host bridge), and publishing host ports below 1024 is refused by default because the port is bound by an unprivileged process on your behalf. The usual workarounds are to publish a high port instead (8080 rather than 80) or to lower the `net.ipv4.ip_unprivileged_port_start` sysctl on the host.
Not all container images are designed to work seamlessly with rootless containers. Some
containers may assume that they run with full root privileges and could encounter issues.
Podman also supports running pods in rootless mode, allowing you to group containers together in a
pod while maintaining the security benefits of rootless containers.
Rootless containers can have some limitations compared to containers with root privileges,
particularly when it comes to certain low-level features and resource access. Be aware of these
limitations and plan your container usage accordingly.