rootless config
by Lou DeGenaro
I start with an empty /home/degenaro/.config/containers directory.
I run podman info.
I see that files libpod.conf and storage.conf have been created.
I grep for "/home" and see:
libpod.conf:volume_path =
"/home/degenaro/.local/share/containers/storage/volumes"
libpod.conf:static_dir =
"/home/degenaro/.local/share/containers/storage/libpod"
storage.conf: graphroot = "/home/degenaro/.local/share/containers/storage"
What's wanted is to configure podman so that "/home" is replaced by
"/tmp". That is, if I were to erase these .conf files and run podman info
again I want to see:
ibpod.conf:volume_path =
"/tmp/degenaro/.local/share/containers/storage/volumes"
libpod.conf:static_dir =
"/tmp/degenaro/.local/share/containers/storage/libpod"
storage.conf: graphroot = "/tmp/degenaro/.local/share/containers/storage"
The desire is to have all rootless users use /tmp instead of /home, since
/home is on a shared filesystem which seems to be problematic for podman.
Thx.
Lou.
4 years, 6 months
ubi7 kernel-headers
by bryan.hepworth@gmail.com
Hi all
Not sure this is the best place to ask or not, scenario is as follows: -
building container with podman locally to check it does build - trying it in quay.io and I'm bumping up against a vulnerability I can't seem to correct which I'm thinking is something I'm doing.
I'm uploading a Dockerfile (for want of a better file name) to start the build, but it always finds a vulnerability in kernel-headers for ubi7 which I can't seem to get to update from the build despite yum -y update - it's the gcc package that it loads up.
Dockerfile looks like this: -
FROM registry.access.redhat.com/ubi7/ubi
RUN yum -y update && yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm && yum -y update && yum -y install python2 && yum -y install make && yum -y install gcc && yum -y install redhat-rpm-config && yum -y install zlib-devel && yum -y install bzip2 && yum -y install xz-devel && yum -y install python2-devel && yum -y install git && yum -y install python2-pip && yum -y install wget && yum -y install sudo && yum -y install bash && yum clean all
CMD ["/bin/bash"]
USER 0
RUN curl -o miniconda.sh https://repo.continuum.io/miniconda/Miniconda2-latest-Linux-x86_64.sh
RUN bash miniconda.sh -b -p /opt/miniconda
RUN ln -s /opt/miniconda/bin/python /usr/local/bin/python
RUN ln -s /opt/miniconda/bin/pip /usr/local/bin/pip
RUN ln -s /opt/miniconda/bin/conda /usr/local/bin/conda
RUN conda config --add channels defaults
RUN conda config --add channels bioconda
RUN conda config --add channels conda-forge
RUN conda init bash
RUN echo y | conda create -n clairvoyante-conda-env -c bioconda clairvoyante
The quay.io creation is here: -
https://quay.io/repository/bryanhepworth/clairvoyante?tab=tags
Any help most gratefully received.
Bryan
4 years, 6 months
GraphRoot
by Lou DeGenaro
I made a change to storage.conf as follows:
graphroot = "/tmp/degenaro/.local/share/containers/storage"
Yet, when I run podman info:
GraphRoot: /tmp/podman/degenaro/.local/share/containers/storage
Why does the string /podman still appear in GraphRoot?
Thanks.
Lou.
4 years, 6 months
rootless ping not working for external IP???
by Lou DeGenaro
Dunno what I'm doing wrong. Please advise. Thx!
Lou.
=====
[root@ducc-client-centos-7x-v1 etc]# podman run busybox ping -c 2 localhost
PING localhost (127.0.0.1): 56 data bytes
64 bytes from 127.0.0.1: seq=0 ttl=64 time=0.107 ms
64 bytes from 127.0.0.1: seq=1 ttl=64 time=0.080 ms
--- localhost ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.080/0.093/0.107 ms
[root@ducc-client-centos-7x-v1 etc]# podman run busybox ping -c 2
176.32.103.205
PING 176.32.103.205 (176.32.103.205): 56 data bytes
64 bytes from 176.32.103.205: seq=0 ttl=226 time=28.471 ms
64 bytes from 176.32.103.205: seq=1 ttl=226 time=28.708 ms
--- 176.32.103.205 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 28.471/28.589/28.708 ms
[root@ducc-client-centos-7x-v1 etc]# su - podtest
Last login: Thu Oct 3 09:39:03 CDT 2019 on pts/0
[podtest@ducc-client-centos-7x-v1 ~]$ podman run busybox ping -c 2 localhost
PING localhost (127.0.0.1): 56 data bytes
64 bytes from 127.0.0.1: seq=0 ttl=64 time=0.079 ms
64 bytes from 127.0.0.1: seq=1 ttl=64 time=0.084 ms
--- localhost ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.079/0.081/0.084 ms
[podtest@ducc-client-centos-7x-v1 ~]$ podman run busybox ping -c 2
176.32.103.205
PING 176.32.103.205 (176.32.103.205): 56 data bytes
--- 176.32.103.205 ping statistics ---
2 packets transmitted, 0 packets received, 100% packet loss
4 years, 6 months
Restart bash during a build
by bryan.hepworth@gmail.com
Hi all
One of the containers I'm trying to build has a component that requires restarting the current she'll to continue. I've seen other suggestions via Google but haven't had any success. Would be grateful if any one could comment.
Thank you
Bryan
4 years, 6 months