Podman is an open-source container runtime and management tool originally developed by Red Hat. Podman, along with a set of command line tools that handle different aspects of container management, work as a modular framework. Podman employs a daemon-less architecture and launches containers as child processes that do not require superuser privileges.
Since Podman is rootless by design, and can be easily configured to run in rootless mode, AI Workbench uses rootless Podman, configured to run as a non-root user.
Rootless podman with its daemon-less architecture reduces the attack surface for potential security vulnerabilities
Free to use; modular framework makes it lightweight
Uses Container Device Interface (CDI) to attach GPUs to containers
Building images is slower than Docker
Podman on MacOS isn’t as well supported with several open issues being tracked. AI Workbench manages creation of a “podman machine” VM to support running Podman, but this can be fragile.