Dear all,
I started with Docker a few weeks ago and understood security issues
coming from the root daemon. I saw that podman was close to Docker (and
it is true, my Dockerfiles worked without modification) and solved this
security issue.
With podman, things work well as long as I use my images / containers
in root mode, using sudo. However nothing works in user mode.
I guess that for security reasons, it would be better, by far, to run
containers in user mode. And I cannot understand how it works.
In root mode, typing "ip a" exhibits an eth0 network card, with an
ip. And when I use this ip with the considered port from the outside
of the container (i.e. from the main OS), it works.
In rootless mode, the same command gives a tap0 interface instead,
with another ip on another sub network I guess.
Now if I force the usage of the podman network (in rootless mode),
with --network podman, now I get an eth0 network interface, on the same
sub network as in root mode. It seems to correspond to the cni-podman0
network on the host OS.
However, when I do:
telnet 10.88.0.02 8080
from the podman container, it works, whereas from the host OS, it does
not work, whereas the interface responds to ping from the host.
Can someone help?
Regards,
Mike