Last checked and updated on April 15, 2026What Is New in Podman 4.0
Podman 4.0 brings a major networking overhaul, enhanced container management, and improved integration with the broader container ecosystem. The update focuses on replacing the previous CNI stack with Netavark and Aardvark-dns for more robust networking and DNS resolution.
| Category | Key Changes |
|---|---|
| Networking | New Netavark network stack, Aardvark-dns for DNS, improved rootless networking, IPv6 support, and port forwarding to slirp4netns. |
| New Features | Quadlet for running containers as systemd services, Podman container labeling, and new container exit policies. |
| Improvements | Enhanced Docker Compose integration, better API support, improved pod start/stop performance, and new image volume options. |
| Deprecations & Removals | CNI networking is deprecated. The podman-remote client for Mac and Windows is now the primary method. |
Why did Podman completely change its networking stack?
The shift to Netavark and Aardvark-dns addresses fundamental limitations in the old CNI stack. This new stack is written in Rust and provides a more reliable, feature-rich foundation for both rootful and rootless containers.
Netavark and Aardvark-dns
Netavark handles the plumbing—creating network interfaces and managing IP addresses. Aardvark-dns is its companion for container name resolution. In practice, this means fixed IP assignment actually works reliably now, and DNS between containers on custom networks is seamless, even in rootless mode.
Rootless Networking Enhancements
Port forwarding now uses slirp4netns by default, which is a significant boost for rootless use cases. You can finally forward ports below 1024 without workarounds. The entire rootless networking experience is more stable and performs better.
What new features help with running containers under systemd?
Quadlet is a standout feature that simplifies generating systemd unit files from containers. This is a game-changer for production deployments where you need to manage containers as system services.
Instead of crafting complex systemctl files by hand, you create a much simpler .container file. Quadlet then translates this into a full systemd unit file at runtime. It massively reduces the boilerplate and potential for errors.
[Unit]
Description=A simple container
[Container]
Image=quay.io/nginx:latest
PodmanArgs=--name=web
[Service]
Restart=always
[Install]
WantedBy=multi-user.target
How has the Docker Compose experience improved?
Podman's Docker Compose support is now much more mature and reliable. The team has closed numerous compatibility gaps, making it a robust alternative to Docker Desktop for development workflows.
You can expect better handling of volume mounts, network definitions, and environment variables. For developers moving from Docker, this means your existing docker-compose.yml files are far more likely to just work without modification when using Podman.
What are the most important changes for the API and podman-remote?
The podman-remote client is now the standard for Mac and Windows, replacing the previous VM-based approach. This simplifies the client experience and improves performance.
On the API front, support for the Docker-compatible API has been expanded. New endpoints and improved functionality make it easier to integrate Podman into existing CI/CD pipelines and management tools that expect a Docker API.
FAQ
Is the CNI network stack still available in Podman 4.0?
CNI is deprecated but still present. It will be removed in a future release. The default and recommended stack is now Netavark with Aardvark-dns for all new installations.
Do I need to migrate my existing container networks?
Yes, for the best experience. Existing containers using CNI networks will continue to work, but you should migrate them to the new Netavark networks to gain the new features and ensure future compatibility.
How do I try Quadlet for my systemd services?
Place a .container file in ~/.config/containers/systemd/ (for user services) or /etc/containers/systemd/ (for system services). Systemd will automatically generate the unit file from it when needed.
What happened to the Podman machine VM on macOS?
The VM is still there, but the client interaction is now solely through podman-remote. This creates a cleaner separation between the client on your Mac and the Podman engine running inside the Linux VM.
Can I now use IPv6 with Podman easily?
Yes, IPv6 support is a key feature of the new Netavark networking stack. It handles IPv6 addressing and routing much more effectively than the previous CNI implementation.