The next Podman Community Cabal Meeting is happening in just under a
week on Thursday, November 18, 2021, at 11:00 a.m. EST (UTC-5). We're
talking https://podman.io redesign, forwarding play kube to httpd, and
more! Agenda with video conference:
Just as a reminder, the meeting now starts at 11:00 a.m., previously it
started at 10:00 a.m. Hope to see you there!
I'm new to podman, and fairly new to containers in general, so any advice is appreciated.
I'm running rootless podman in an environment with very little space allocated to /home. To get around this, I'd like to set up storage for my containers in a directory outside of my home while still running rootlessly. I'd prefer not to have the default location for container storage changed for all rootless users if possible (i.e. don't want to change /etc/containers/storage.conf if I can help it), I just want to override the defaults for a single user.
My understanding is that I could accomplish this by creating a local config file for my login and changing the locations of runroot and graphroot to the paths I want podman to write container data to. So I created a file ~/.config/containers/storage.conf (it didn't exist previously) and added the following minimal configs:
driver = "overlay"
runroot = "/run/user/999"
graphroot = "/opt/resources/podman/containers/storage"
mount_program = "/usr/bin/fuse-overlayfs"
After creating my the config file above though, none of my podman commands work running as my user login. E.g doing
Gives me the following error:
Error: mkdir /run/containers/storage: permission denied
It seems like podman is ignoring my user-specific config file and using the runroot path specified in /etc/container/storage.conf (which is set to /run/containers/storage), which is what I'm trying to avoid. I can restore rootless podman functionality by deleting my user-specific storage.conf file and reverting back to the default settings, but that doesn't get me any closer to fixing my issue.
OS: RHEL 8.4
Podman Version: 3.2.3
I've a question regarding containers using podman.
I've a database in one container. Let's call it 'Container 01'
And I want other containers to access the database in the 'Container 01'.
Is that possible?
If so, would you please let me know?
Thanks in advance.
for a while I have been using containers that join themselves into a
VPN via their entrypoint script.
Only a small CIDR is forwarded to that private network and all other
traffic gets routed over the bridged network via the host.
In my exact use case the containers use WireGuard and need the
- private key (public keys can be derived)
- public key of an endpoint
- network routable IP of an endpoint
- Port of the endpoint
- CIDR to route to endpoint
Optionally multiple endpoints could be specified.
As this hack inside the entrypoint is not the most elegant way (DRY)
and so on, I would like to ask whether or not it would be possible to
integrate this functionality into podman.
Specifically to integrate support for a WireGuard interface
configurable via CLI flags/config && together with this giving a
container multiple network interfaces at spawn with the ability to
specify which CIDR should route to which interface.
Implementing this would be an interesting challenge for me if it is at
all possible (or am I wasting my time here?)/
Any hints as to how I could proceed in implementing and testing this in
a fork of the project would be much appreciated!
Hi friends of podman!
I'm updating an application that uses docker to work with podman on Fedora.
I run into the issue that the volumes are not accessible in the container.
I can make it work by adding the 'z' option to place the proper labels
on the content.
Is this the right way to go about it?
The docker documentation has some warnings ('use extreme caution') for
these options. This is not mentioned in the podman docs. Does it work
differently between podman and docker, so that the warning wouldn't
apply to podman?
The next Podman Community Meeting is happening in 16.5 hours from now.
We're talking netavark, Mac, rootless networking, buildkit, and more!
Agenda here: https://podman.io/community/meeting/agenda/
Hope to see you there!