ive tested both hydrus and monbooru’s ram consumption, and these were the results:
❯ ps aux | grep hydrus ghost_u+ 38817 0.0 0.0 3748 2204 ? S 21:45 0:00 /usr/bin/bwrap --args 40 – hydrus_client ghost_u+ 38832 0.0 0.0 3852 1356 ? S 21:45 0:00 /usr/bin/bwrap --args 40 – hydrus_client ghost_u+ 38833 4.2 3.5 4824044 261588 ? Sl 21:45 0:09 python3 /app/bin/hydrus_client ghost_u+ 39613 0.0 0.0 231268 2420 pts/0 S+ 21:48 0:00 grep --color=auto hydrus
❯ docker stats monbooru --no-stream CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS 0a46831f9470 monbooru 0.00% 19MiB / 7.047GiB 0.26% 13.6MB / 54.3MB 14.4GB / 5.51GB 20
Docker automatically opens ports your containers need through iptables. Because of this, it bypasses rules set by
ufw, which is great.Podman does not do this afaik, and since it only runs rootless it’s a lot less risky as well.
You see, this is an issue for me because I don’t want my ports “automagically” being open, I want to know exactly which ports are in use and by which apps, I don’t want package manager to manage my ports. I know this sounds “old school” but I prefer to control my ports manually and I don’t want my iptables rules be a mess I can’t understand.
Maybe that’s more of a “me” issue than a docker issue, but anyway, I prefer to not use such software.
No I totally understand. This is why I use podman personally. You can use the same images as you would with docker, even its compose is pretty much exactly the same I think.