-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
podman run fails on tinycore #8846
Comments
This does not appear to be a Podman issue. Please file an issue against the slirp4netns Github repo at https://github.com/rootless-containers/slirp4netns |
What about this?
|
That's an error from either |
Using |
I had podman running on boot2podman (based on tinycore), you might want to look there for clues: https://github.com/boot2podman/boot2podman/blob/master/building_rootless.md I used https://github.com/tianon/cgroupfs-mount in order to do the required cgroupfs mounting there But I don't really plan on continuing it, so the last release was for podman 1.9.3 and tinycore 10.0 |
I think the problem is trying to use pivot_root from a rootfs (the default tinycore installation runs off the initrd directly):
The workaround that was done for boot2docker was to copy everything to tmpfs using the "noembed" bootcode
From http://tinycorelinux.net/book.html The alternative is running podman with "no_pivot_root", but this is not really secure and sort of deprecated. It allows running from a rootfs though, so it was still used by boot2podman. And worked with old slirp4netns |
@imperialguy : you will need some kind of podman switch, to avoid adding the Alternatively add some kind of It was added here: rootless-containers/slirp4netns@6f46a05 See 7c3428d (for slirp4netns 0.4.1) |
@afbjorklund I'll give the |
I think it should be ok to add a new option like Alternatively, could slirp4netns be compiled without the sandboxing feature? We could make it configurable at |
Either way works for me. Can this be made configurable via nix as well? Although, podman switch is the most easiest for the end user. |
yes it can be configurable via nix as well. |
It would be great if you can make the |
The best would be to make it configurable, based on whether using a rootfs or not. (i.e. no_pivot)
Converting to a tmpfs, or compiling out or disabling the sandbox feature sounds like workarounds ? It is podman that decides to "call" runc or buildah or slirp4netns, and needs to use the proper flags. noPivot := r.config.Engine.NoPivotRoot
if !noPivot && slirpFeatures.HasEnableSandbox {
cmdArgs = append(cmdArgs, "--enable-sandbox")
} |
The above fixes the
|
Yes, I would recommend using that script when not using systemd. Tiny Core Linux uses You will need to compile a new kernel with cgroups support, though. The default Tiny Core Linux kernel does not support cgroupfs/overlayfs. |
We deprecated and buried both the boot2docker and boot2podman distributions in 2020...
There is much more info here: https://podman.io/community/meeting/notes/2020-11-03/ Presentation: The boot2podman project - "rise and fall of", 2013-2020 The main focus for a container distribution is Fedora CoreOS, featuring Podman: For the casual user, we just used Vagrant (with regular Ubuntu or Fedora) instead: There has been some talk about doing a community distribution, based on Tiny Core Linux... The best would be if the default kernel could be container-enabled, and the packages included.
The package manager is called TCE and uses TCZ packages, there's more info here: packages.md It would be possible to support both Docker 20.10+ and Podman 2.1+ from the same "base" TCL OS. |
For me, there's broadly two use cases - lightweight and not-so-lightweight (or let's just call it heavy weight:) ) For light weight, I am using tinycore. For heavy-weight, I am thinking vagrant+libvirt+archlinux. But, now that you mentioned, I'll definitely look at your vagrant+libvirt+fedora32 option as well. I usually try to stay away from large disk size VMs as much as possible. As far as the future options go, hopefully some day you will release a "Podman for Desktop" that runs on fedora CoreOS VM. So, I'll wait for that. And look forward to using it if and when it's available. In the meantime my use case is mostly light-weight. Hence tinycore. Haven't planned on coordinating with upstream, but I usually custom build the tczs as I go based on my use cases (podman and related deps in this case). |
Assuming podman package support in the repositories, it would probably be trivial to adopt it to other distributions. Vagrant.configure("2") do |config|
config.vm.box = "generic/fedora32"
config.vm.provider "libvirt" do |lv|
lv.memory = "1024"
end
config.vm.provision "shell", privileged: false, inline: <<-SHELL
sudo yum install -y podman
systemctl enable --user podman.socket
systemctl start --user podman.socket
SHELL
end Like using "generic/arch" instead of fedora and "pacman -Syu --noconfirm podman" instead of yum, or something ? https://www.redhat.com/sysadmin/podman-clients-macos-windows
If you want to use Fedora CoreOS, there is already CodeReady Containers. But I can't speak for Red Hat plans... As far as "weight" goes, it's like 10x vagrant (which is 10x tinycore). Like 10G, when compared with 1G and 100M ?
Sounds like the same story then: https://podman.io/blogs/2019/01/14/podman-machine-and-boot2podman.html But it quickly grows into a full "distribution" and takes up a lot of maintenance time, which is why it was deprecated... |
Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)
/kind bug
Description
podman run
fails on tinycore 11.1 VM because of some issue related toslirp4netns
. I built podman and related deps manually. Are there any plans to release podman distros for tinycore? That would be very helpful.Steps to reproduce the issue:
Install podman on tinycore using manual install
Run
podman run hello-world
Describe the results you received:
Describe the results you expected:
Expected it to work
Additional information you deem important (e.g. issue happens only occasionally):
Tried this workaround, but it produces a different error
Output of
podman version
:Output of
podman info --debug
:Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide?
Yes
Additional environment details (AWS, VirtualBox, physical, etc.):
Tinycore runs on virtual box.
The text was updated successfully, but these errors were encountered: