Workaround for bind-mounting and running as root inside container
by Dominic
Hello,
There may not be a good answer to this question, but I was
wondering if anyone has a suggestion. I'm using rootless podman
for local development environments for Node.js and PHP projects.
I can't wait to rebuild an image after each file is changed, so
I'm bind mounting my project's working directory into the
container so changes are reflected instantly. A consequence of
this is that all of the project files are owned by the root user
inside the container (since they are owned by my regular user
outside). This means that I need to run any commands as root in
the container in order to have access to the project files. That,
in itself, is not a big deal. The problem is that a lot of
software doesn't like to be run as root. I have run into problems
with:
- PHP-FPM requires a special flag to run as root and config changes
- WP-CLI requires a special flag added to any command to run as root
- Compiling software can fail as part of npm install (specifically with gulp-imagemin)
None of these issues are really show stoppers, but they do slow
down development, and each time I run into a new one it can take
time to debug.
Are there any workarounds that allow for fast development, the
user running in the container to not be root, and reasonable
security (e.g. I don't really want to chmod 777 all of my project
files)?
--
Thank you,
Dominic
4 years, 3 months
Logs show permission denied error
by Chintan from Rebhu
Hello everyone!!
I am trying to run Envoyproxy using podman.
I have tried running the application in rootful and rootless mode but in
either of these I get the same error.
As mentioned in the Envoyproxy's documentation, I run the following command:
podman run -d -p 10000:10000 envoyproxy/envoy:v1.15.0
However, the container exits and the logs show following errors:
chown: changing ownership of '/dev/stdout': Permission denied
chown: changing ownership of '/dev/stderr': Permission denied
This is the complete output returned from podman logs.
The same error is not present when I switch from v1.15.0 to v1.14.4 of
Envoyproxy.
I am out of my wits about this. Please tell me how I should find a solution.
We only use Podman in our infrastructure.
Here are some more details that might be helpful:
* `uname -r`: 5.6.5-300.fc32.x86_64
* `rpm -qa conmon`: conmon-2.0.19-1.fc32.x86_64
* `cat /etc/os-release`
o NAME=Fedora
VERSION="32 (Cloud Edition)"
ID=fedora
VERSION_ID=32
VERSION_CODENAME=""
PLATFORM_ID="platform:f32"
PRETTY_NAME="Fedora 32 (Cloud Edition)"
ANSI_COLOR="0;34"
LOGO=fedora-logo-icon
CPE_NAME="cpe:/o:fedoraproject:fedora:32"
HOME_URL="https://fedoraproject.org/"
DOCUMENTATION_URL="https://docs.fedoraproject.org/en-US/fedora/f32/system-administrators-guide/"
SUPPORT_URL="https://fedoraproject.org/wiki/Communicating_and_getting_help"
BUG_REPORT_URL="https://bugzilla.redhat.com/"
REDHAT_BUGZILLA_PRODUCT="Fedora"
REDHAT_BUGZILLA_PRODUCT_VERSION=32
REDHAT_SUPPORT_PRODUCT="Fedora"
REDHAT_SUPPORT_PRODUCT_VERSION=32
PRIVACY_POLICY_URL="https://fedoraproject.org/wiki/Legal:PrivacyPolicy"
VARIANT="Cloud Edition"
VARIANT_ID=cloud
Thank you.
--
Chintan Mishra
Rebhu Computing
4 years, 3 months
Current status of podman on macOS Catalina?
by thomas.neal@hcl.com
I have installed podman on my macOS Catalina laptop using 'brew cask install podman' and can see that I have v2.0.3 installed.
$ podman -v
podman version 2.0.3
$
From what I read, the macOS podman is a remote client, but I can't find consistent directions on how to setup/configure the macOS client to reference a remote podman node. I have both RHEL7.7 (podman version 1.6.4) and RHEL8.0 (podman version 1.9.3) VMs where I can ssh as root.
Can someone please point me to info about how to setup my macOS podman client to use either of my RHEL podman nodes?
Thanks in advance for any help!
4 years, 3 months
Re: Current status of podman on macOS Catalina?
by Thomas Neal
I want to use the new v2 remote client for macOS, but currently the latest version of podman that I can get for my RHEL[78] VMs is 1.9.3. Scott mentioned above that it will be RHEL8.3 (November timeframe) before that’s available in the standard yum repos.
I’m trying to configure all this so I can continue work on our operators for IBM cloudpak work. Is there a way I can get access to podman v2 for RHEL8 now, other than building it myself?
--tom
Thomas Neal
Senior Software Developer
HCL Software DevOps
919-426-1259
::DISCLAIMER::
________________________________
The contents of this e-mail and any attachment(s) are confidential and intended for the named recipient(s) only. E-mail transmission is not guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or may contain viruses in transmission. The e mail and its contents (with or without referred errors) shall therefore not attach any liability on the originator or HCL or its affiliates. Views or opinions, if any, presented in this email are solely those of the author and may not necessarily reflect the views or opinions of HCL or its affiliates. Any form of reproduction, dissemination, copying, disclosure, modification, distribution and / or publication of this message without the prior written consent of authorized representative of HCL is strictly prohibited. If you have received this email in error please delete it and notify the sender immediately. Before opening any email and/or attachments, please check them for viruses and other defects.
________________________________
4 years, 3 months