podman
1.TH How to use libpod for custom/derivative projects2.PP3libpod today is a Golang library and a CLI. The choice of interface you make has advantages and disadvantages.4.SH Running as a subprocess6.PP7Advantages:8.RS10.IP \(bu 211Many commands output JSON12.IP \(bu 213Works with languages other than Golang14.IP \(bu 215Easy to get started16.RE18.PP20Disadvantages:21.RS23.IP \(bu 224Error handling is harder25.IP \(bu 226May be slower27.IP \(bu 228Can't hook into or control low\-level things like how images are pulled29.RE31.SH Vendoring into a Go project33.PP34Advantages:35.RS37.IP \(bu 238Significant power and control39.RE41.PP43Disadvantages:44.RS46.IP \(bu 247You are now on the hook for container runtime security updates (partially, \fB\fCrunc\fR/\fB\fCcrun\fR are separate)48.IP \(bu 249Binary size50.IP \(bu 251Potential skew between multiple libpod versions operating on the same storage can cause problems52.RE54.SH Making the choice56.PP57A good question to ask first is: Do you want users to be able to use \fB\fCpodman\fR to manipulate the containers created by your project?58If so, that makes it more likely that you want to run \fB\fCpodman\fR as a subprocess. If you want a separate image store and a fundamentally59different experience; if what you're doing with containers is quite different from those created by the \fB\fCpodman\fR CLI,60that may drive you towards vendoring.61