DDEV 1.25.0 Podman and Docker Rootless: What Actually Changes
DDEV 1.25.0 ships experimental support for Podman and Docker rootless. This opens up corporate-friendly runtimes, but introduces trade-offs that the announcement does not emphasize enough.
I built a CLI that audits your global_config.yaml so you know before you flip the switch.
The Claim
"DDEV 1.25.0 adds experimental support for both Podman and Docker rootless."
— DDEV Blog, Podman and Docker Rootless
"Experimental" means what it says. DDEV is being transparent about the maturity level here, which I respect. But teams need to understand the specific configuration requirements before committing to Podman or rootless Docker in shared environments.
What Actually Changes
- Podman on macOS
- Docker Rootless
| Setting | Required Value | Why |
|---|---|---|
| Router HTTP port | 8080 | Podman on macOS cannot bind to port 80 |
| Router HTTPS port | 8443 | Podman on macOS cannot bind to port 443 |
| Global config location | $HOME/.ddev or XDG path | Standard DDEV config path |
router_http_port: "8080"
router_https_port: "8443"
| Setting | Required Value | Why |
|---|---|---|
| Bind mount mode | no-bind-mounts | Docker rootless cannot use bind mounts |
| Global config location | $HOME/.ddev or XDG path | Standard DDEV config path |
no_bind_mounts: true
The Real Trade-offs
| Feature | Standard Docker | Podman (macOS) | Docker Rootless |
|---|---|---|---|
| Port 80/443 binding | Yes | No — needs 8080/8443 | Yes (with caveats) |
| Bind mounts | Yes | Yes | No — requires no-bind-mounts |
| Corporate policy friendly | Depends | Yes | Yes |
| Config changes required | None | Port overrides | Mount mode change |
| Maturity | Stable | Experimental | Experimental |
If your team shares DDEV config via repo-committed .ddev/config.yaml, switching to Podman or rootless Docker means everyone on the team needs matching global config. One developer with default ports and another with 8080/8443 will produce different environments. Coordinate before switching.
What I Built
A CLI that audits global_config.yaml and flags missing settings for Podman or Docker rootless, with a focused checklist for macOS Podman users.
Full macOS Podman checklist
- Install Podman via Homebrew or official package
- Ensure
global_config.yamlsetsrouter_http_port: "8080" - Ensure
global_config.yamlsetsrouter_https_port: "8443" - Verify Podman machine is running (
podman machine start) - Run
ddev startand confirm routing works on new ports - Update team documentation with new port numbers
- Check browser bookmarks and proxy configs for port changes
What I Learned
- DDEV 1.25.0 adds experimental support for both Podman and Docker rootless.
- Podman on macOS cannot bind to ports 80/443, so DDEV needs router ports set to 8080/8443.
- Docker rootless cannot use bind mounts, so
no-bind-mountsmode is required. - DDEV global configuration lives in
global_config.yaml, and the config can live under$HOME/.ddevor an XDG location. - The biggest risk is not the runtime change itself. It is team coordination around shared config.
Why this matters for Drupal and WordPress
DDEV is the most widely used local development environment for both Drupal and WordPress projects. Podman and Docker rootless support matters for agencies and enterprise teams whose corporate policies prohibit Docker Desktop or require rootless containers. Drupal and WordPress developers sharing .ddev/config.yaml via git need to coordinate runtime choices across the team — one developer on Podman with port 8080 and another on standard Docker with port 80 will produce inconsistent local environments.
References
Looking for an Architect who doesn't just write code, but builds the AI systems that multiply your team's output? View my enterprise CMS case studies at victorjimenezdev.github.io or connect with me on LinkedIn.