Recommended way to manage events.log file
by Dale Baley
Hi, we rely on podman events via file for our workflows. Is there a recommended way to truncate/rotate/move the events.log file without losing potential event logs while doing so? journald isn't an option.
Thanks in advance
1 year, 10 months
Podman's GitHub upstream branch has been renamed!
by Tom Sweeney
Hi All,
Just a quick note aimed mostly towards our contributors. The 'master'
branch on the Podman GitHub Repository
(https://github.com/containers/podman) has been renamed to 'main'. If
you have a local clone of the repository, then you should do the following:
git branch -m master main
git fetch origin
git branch -u origin/main main
git remote set-head origin -a
Then the hardest part will then be retraining the muscle memory in your
fingers to type main now! FWIW, the Buildah and Skopeo projects, along
with most of the other projects in the the Containers organization on
GitHub have also been changed.
Best Wishes,
t
1 year, 11 months
environment variables in exec session not visible?
by James Miller
Hi,
I have a problem with an environment variable that I am passing into an
exec session. The command has worked in the past but recently, I am unable
to pass an environment variable that a called executable can see properly.
If I run, podman exec -e VAR='bob' -it some_cont bash -c "env", the
environment is printed out and includes the environment variable VAR='bob'.
But I can not run podman exec .... bash -c "echo $VAR" successfully, nor in
my current situation am I able to run podman exec -e
PASSWORD="$var_I_just_read" .... bash -c "mysql -uroot -p${PASSWORD}... ".
Because the env variable PASSWORD is not present, the mysql command asks
for a password. This was certainly working ok previously, but doesn't seem
to function now.
I have tried a bunch of different permutations, including running the
command with real variables instead of environment variables, and it works
ok. Also, I am sure that I used to be able to run 'podman exec -e
SOMEVAR='Bob' -it cont_name bash -c "echo $SOMEVAR" and get Bob output.
What am I doing wrong?
MTIA, James
--
James Stewart Miller Bsc(hons) Psych.
1 year, 11 months
run podman without isolation
by Hendrik Haddorp
Hi,
I want to run a build job inside a podman container. This is only done
to have better control on what tools and versions of those are
installed. I'm not interested in any isolation or security and would
ideally like my my user id, groups and so on to stay the same as on the
host. So far things look quite promising when using these flags:
--cgroups=disabled
--net=host
--annotation=run.oci.keep_original_groups=1
--security-opt label=disable
Is there any easier / better way to achieve this kind of thin "isolation"?
regards,
Hendrik
1 year, 11 months
Trouble with Podman secrets with v 3.2
by James Miller
Hi, I have v3.2 podman installed, but am having difficulty with the new
secrets --type=env.
I create the secret ok as file, but podman secret create secret_name
--env=true $env_name fails.
When I create the secret as file, no matter whether it is JSON or simple
variable='thing', when I create the container using the command
Podman run -dit --secret=secret_name,type=env --name=container_name
image_id
and then exec into the running container with Podman exec -it
container_name bash, there is no environment variable named secret_name.
Am I missing something?
Regards
James
1 year, 11 months
rootless podman, docker-credential-gcloud, and snaps
by Ioan Rogers
Hi,
I'm on Ubuntu, and I've recently encountered an issue when trying to use rootless podman with the docker-credential-gcloud helper installed via snap.
This works fine when using the official google-cloud-sdk apt packages, and it used to work with snap packages until last October.
Here's what I see now:
```
$ podman pull gcr.io/private/image
Trying to pull gcr.io/private/image...
2021/02/01 13:19:17.474248 cmd_run.go:994: WARNING: cannot create user data directory: cannot create "/root/snap/google-cloud-sdk/166": mkdir /root/snap: permission denied
cannot create user data directory: /root/snap/google-cloud-sdk/166: Permission denied
error getting credentials - err: exit status 1, out: ``
Error: unable to pull gcr.io/private/image: Error initializing source docker://gcr.io/private/image:latest: error getting username and password: error getting credentials - err: exit status 1, out: ``
```
So it looks like the credential helper is being executed as root now. I'm not sure in which component the problem lies, or where I should file an issue.
Any pointers would be appreciated.
Thanks
Ioan Rogers
Sent with ProtonMail Secure Email.
1 year, 11 months
Podman restore container failed
by Ali Hamieh
*HI,*
*When I migrated a podman container from a google cloud rhel 8.3 vm to a
local rhel 8.3 vm, I got the following error when restoring (Checkpoint and
restore podman uses CRIU): *
persmision:1: Error (criu/files-reg.c:2182): File . has bad mode 040755
(expect 040555)
(00.343223) 1: Error (criu/files.c:1357): Can't open root
(00.343659) Error (criu/cr-restore.c:1560): 163252 exited, status=1
(00.343707) Warn (criu/cr-restore.c:2469): Unable to wait 163252: No child
processes
(00.343974) mnt: Switching to new ns to clean ghosts
(00.344242) Error (criu/cr-restore.c:2483): Restoring FAILED.
*And from the local rhel 8.3 vm to the google cloud rhel 8.3 vm, I got:*
bad mode 040555 (expect 040755)
*So bad mode in reverse.*
*Any ideas on how to do a workaround? not necessarily a permanent fix.*
*The container is a podman container: quay.io/adrianreber/counter
<http://quay.io/adrianreber/counter>*
--
Best regards,
Ali Hamieh, PhD
*LinkedIn <https://www.linkedin.com/in/ali-hamieh-phd/>ResearchGate
<https://www.researchgate.net/profile/Ali_Hamieh>*
1 year, 11 months
Podman Community Cabal Meeting - July 15, 2021 - 10:00 a.m. EDT (UTC-4)
by Tom Sweeney
Hi All,
You may have seen in another discussion started by Erik Bernoth
about having a community meeting that was more of an open forum than
what the Podman Community Meeting is. For the past several months,
Urvashi Mohnani (cc'd) has been running an internal to Red Hat meeting
that we call the "Cabal". People send Urvashi discussion topics, and
they're added to the list. They're generally topics about future
design, interesting issues, or anything related to the containers
projects, Podman, Buildah, and Skopeo. We also generally have an open
forum for a good chunk of time at the end of the meetings.
Given that we are not having a Podman Community Meeting in July, we
decided to make the July Cabal meeting open to the entire community
rather than just the people at Red Hat. If you would like to attend,
please do! If you have a topic that you'd like to be sure that we
discuss, please send a note to Urvashi (cc'd) or myself. Also, send one
of us a note if you'd like to be added to the calendar event. The
meeting is free to attend and will be held via Google meet to start.
The link to the room is: meet.google.com/ieq-pxhy-jbh
In addition, we are planning to hold the Podman Community Cabal
Meeting for the entire community on the third Thursday of the month at
10:00 Eastern from now on. The Cabal meeting will be in addition to the
Podman Community Meeting and not a replacement for it. We still plan to
hold the Podman Community Meetings on the first Tuesday of each month.
I will send a reminder about the Cabal meetings about a week
beforehand to this list, and I will also put something up on the
podman.io site about it too.
Thanks all!
t
1 year, 11 months
