-
Notifications
You must be signed in to change notification settings - Fork 14
/
Copy pathrootless-podman-usecases.xml
30 lines (30 loc) · 1.6 KB
/
rootless-podman-usecases.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE topic
[
<!ENTITY % entities SYSTEM "../common/generic-entities.ent">
%entities;
]>
<topic xml:id="rootless-podman-usecases"
role="glue" xml:lang="en"
xmlns="http://docbook.org/ns/docbook" version="5.2"
xmlns:its="http://www.w3.org/2005/11/its"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:trans="http://docbook.org/ns/transclusion">
<info>
<title>When to use rootless containers</title>
<meta name="maintainer" content="[email protected]" its:translate="no"/>
</info>
<para>
Improved security is the key advantage of using rootless containers. Similar to regular users, rootless containers cannot access and manipulate resources that require &rootuser; privileges. This safeguards the host system from malicious processes running within rootless containers.
</para>
<para>
Because running containers in rootless mode provides better security and normally does not require any additional configuration, use it as the default method of deploying containers in most situations.
</para>
<para>
A typical scenario for rootless containers would be running a development environment based on a Language Stack &bci;. As long as the development environment does not require write access to the system files on the host, you can run it as a rootless container.
</para>
<para>
Rootless containers also make it possible for multiple regular users to run containers on the same machine. This can be particularly useful for deploying containers in high-performance computing environments.
</para>
</topic>