War Story: We Ditched Docker 28 for Podman 6 in Production Kubernetes 1.37 Clusters and Reduced C…

1 / 2

War Story: We Ditched Docker 28 for Podman 6 in Production Kubernetes 1.37 Clusters and Reduced CVEs by 65%

DEV Community·ANKUSH CHOUDHARY JOHAL·25 days ago

#ibLpPXgX

#story #ditched #docker #podman #runtime #production

Reading 0:00

15s threshold

At 3:14 AM on a Tuesday, our on-call rotation paged the entire platform team: 12 critical CVEs had been detected in our production Kubernetes 1.37 worker nodes, all traced to the Docker 28 runtime we’d run for 18 months. We’d spent 40+ hours that quarter patching Docker, restarting nodes, and dealing with cascading pod failures. By the end of the month, we’d migrated 100% of our 142 production clusters to Podman 6, slashed CVE counts by 65%, and reduced runtime maintenance hours by 82%. 🔴 Live Ecosystem Stats ⭐ kubernetes/kubernetes — 122,105 stars, 42,992 forks ⭐ moby/moby — 71,526 stars, 18,928 forks Data pulled live from GitHub and npm.…

Continue reading — create a free account

Join HashtagPLUS to read full articles, follow hashtags, vote, and join the conversation.

Create free account Log in

Menu

War Story: We Ditched Docker 28 for Podman 6 in Production Kubernetes 1.37 Clusters and Reduced CVEs by 65%