I can't express how much I dislike docker compared to Podman or just running bare metal. What a sysadmin nightmare.
Discussion
There are easier ways to run containers. I am an lxd fan.
I like LXD in certain circumstances. It's just not as easy to run podman-compose build and be done lol
Podman is the GOAT!
In my opinion, bare metal is great for those who know what they’re doing. However, many (and I really mean many) users struggle with fundamentals and put themselves at risk by opting for "easy" bare-metal setups. The number of times I’ve come across people running VPSs with OpenSSH servers exposed to the public internet with root access + password-based authentication enabled, no firewalls, no fail2ban or CrowdSec, and a "fire and forget" attitude (no regular updates, no monitoring and no attention to logs) is... concerning. My preference is to push users towards containerised setups exposing as little as possible. Ideally, only port 443 through a reverse proxy.