can anyone give a good explanation what is the core difference between podman vs toolbox vs flatpak.
i never use toolbox and i dont know why it is present podman is ok as it is a docker like but where toolbox can be used and the differences that those can’t do.?
1 Like
All of them use “container technology”.
podman/toolbox/distrobox are in one camp: they all use podman/docker containers. That is, they use an “image” which contains base system parts and possibly multiple apps, and then start one or multiple containers from that image which you can think of as very lean virtual machines (they are not full vms, though) or a rich runtime environment. You can “enter” a container and install addidtional apps, for example.
By default, podman containers are quite isolated from your system and allow you to have lean test environments (compared to a vm). In order to run graphical apps (which access your display server), access your files from within the container etc. you would need to set up special permissions for the podman container. Toolbox/distrobox do just that: they use podman with a set of permissions (and mounts etc.) so that you can easily run apps inside the container to work on your files outside the container etc., at the expense of giving up the default isolation.
Toolbox/distrobox differ mostly in implementation details. In particular, toolbox needs (or works best) with special toolbox images (docker images set-up for toolbox use), whereas distrobox uses standard docker images and configures everything on the fly (when starting a container off that image).
Flatpak uses container technology to package a single app or runtime and its dependencies - a common large set of dependencies is often put into a “runtime flatpak” so that “app flatpaks” do not need to bundle them, too. You can think of it as an image with an almost immutable container - you cannot install additional apps “into” a an installed flatpak, for example. You can install additional flatpaks, of course. Flatpak apps can be well isolated from the system, requesting only necessary permissions - but some flatpaks simply (for simplicity) request everything and the kitchen sink, in which case you have no isolation at all.
So, you would use podman for isolated test environments and flatpak to install apps which you cannot get otherwise.
Toolbox/distrobox are a mixed bag - they promise to give you runtime environments with different distros, but by default they share config with your system. This can be quite useful, and it can mess up your existing config.
2 Likes
Podman is a container manager, while toolbox and distrobox are pet containers that are run by Podman using the systems container runtime (crun). Podman is a Daemonless container manager unlike Docker which uses a Daemon, therefore any user can run Podman and not have to give it’s session root access. Flatpak also uses container technology but is more in line with what ostree does since it provides a complete stack for the app that is flatpak’d. Flatpaks are also more sandboxed but some leak pretty bad depending on their intended use.
[Edit] So containers are environments of their own usually, but toolbox and distrobox use the users home and other environment variables to make a pretty seamless environment interaction with the Host system.