Kubernetes, or k8s, is a clustering software for what is commonly called OCI containers (Open Cloud Initiative). OCI is an organization formed from Docker Inc, Google, Red Hat I believe and others. The general idea behind OCI is that they make rules for how container technology should be created.
The original one was Docker. Podman is a Red Hat counterpart. K8s was initially using docker IIRC, but Google needed something better, so they made their own stuff. Docker itself was originally running on LXC (I’ll get to that later), but then made its own thing.
K8s, again, is a clustering software, like Docker Swarm which someone mentioned. Certain K8s stacks can run in single mode. Examples of K8s stacks include: Google Kubernetes, k3s, k0s and Canonical’s microk8s.
Google k8s is hard to get into and there’s even certifications for it. Completely overkill for home and requires quite the setup. It is the OpenStack of OCI world. People at home don’t run OpenStack, they just use Proxmox, XCP-ng, TrueNAS, or virt-manager among others.
On the k8s stacks, a lot of people praise SUSE / RancherLabs’ Rancher. Supposedly it is a really easy way to run k3s. All of the 3 mentioned, k3s, k0s and microk8s are lightweight OCI containers clustering software.
Think of Docker and Podman like of Oracle VirtualBox () and Virt-Manager. These are meant to run OCI containers in only one machine. The k8s stacks are like OpenStack or OpenNebula, you are meant to run stuff on multiple servers (although OpenNebula and certain k8s stacks can run in single server mode).
I know microk8s is the easier to deploy, for better or worse. But I don’t think it has a rootless mode, which is what you are looking for.
I know k3s has an experimental rootless option, but it’s not yet ready for prime time. In the site above, none of the k8s stacks appear, because their management software (probably) is running as root. In a k8s stack, you generally want to be able to more easily control stuff like networking, known ports binding and more, which is why root is required and why big companies don’t care about rootless stuff. Adding these features to a rootless software adds complexity, which eventually you need to leverage root for anyway.
As you may or may not know, there are 2 general types of containers nowadays: application containers (generally all defined as OCI containers) and OS containers (of which LXC is part of). LXC got mentioned in the link as being able to run rootless, but funnily enough, not LXD, which leverages LXC (I have to give that a read). OS containers are kinda what they say they are: entire operating systems in a single environment, meant to run one or more programs in tandem - they are a replacement for VMs (for the most part).
Other software praised are Portainer. Portainer is the easiest to deploy with microk8s, but it’s supposedly not that hard to use with k3s either.
For properly running rootless (OCI) containers, Podman is the only one that is ready for use, because it does not require more OS level stuff (like access over the network) which require root privileges. So you are looking in the right direction.
I only run LXD, my knowledge on OCI stuff is lacking. Podman-compose is probably never going to be 100% compatible with docker-compose. It is a decent alternative, but if you are interested in running podman, you should learn the way podman handles stuff: podman, buildah, skopeo and friends. Just my $0.02.
The original idea of this post was to explain k8s, but I deviated a bit lot (not unexpected of me).
IMO, switching cold-turkey and fixing everything is the way to really do a migration. Of course, don’t do it on production or “homeprod” directly, but do it in a VM and see how it goes, what needs to change, what things you can adapt by changing to scripts instead of compose and so on. Then, with the knowledge you gathered now documented, start moving (home)prod. At least that is the way I found the motivation to change stuff (when everything works, you got no real reason to change, but if things are inaccessible and you want them, you’ll figure it out in probably 2 to 3 days of after-dayjob work).