[Podman] Re: don't understand how ip work in rootless mode

Dear all,    I started with Docker a few weeks ago and understood security issues coming from the root daemon. I saw that podman was close to Doker (and it is true, my Dockerfiles worked without modification) and solved this security issue.   With podman, things work well as long as I use my images / containers in root mode, using sudo. However nothing works in user mode.   I guess that for security reasons, it would be better, by far, to run containers in user mode. And I cannot understand how it works.   In root mode, typing  "ip a" exhibits an eth0 network card, with an ip. And when I use this  ip with the considered port fron the outside of the container (i.e. from the main OS), it works   In rootless mode, the same command gives a tap0 interface instead, with another ip on another sob network I guess.    now if I force the usage of the podman network (in rootless mode), with --network podman, now I get a eth0 network interface, on the same sub network as in root mode.  It seems to correspond to the cni-podman0 network on the host OS.    However, when I do : telnet 10.88.0.02 8080 from the podman container, it works, whereas from the host OS, it does not work, whereas the interface responds to ping  from the host.  Can someone help ?    Regards,      Mike _______________________________________________ Podman mailing list -- podman(a)lists.podman.io To unsubscribe send an email to podman-leave(a)lists.podman.io