[Podman] Re: How to build image for own jar file
by Александр Илюшкин
TLDR: You will not be able to run graphical applications in containers.
What do you expect to see as a result of launching the gui application?
There is no graphics system in alpine by default, even if you add it there,
the graphics window somehow needs to be displayed on your local machine,
this will require certain settings to broadcast the graphics system over
the network.
containers usually contain services that are accessible over the network
through an open network port
С уважением, А. И.
пн, 4 дек. 2023 г., 21:34 Thomas <t.schneider(a)getgoogleoff.me>:
> Hello,
>
> I need more guidance on this task, and I think one should restart from
> scratch.
> This java app "masterpassword-gui" is obviously a graphical frontend,
> but I think I didn't reflect this in my dockerfile.
>
> Currently I'm using this dockerfile to build the image:
> # Filename: mpw-gui
> FROM alpine:latest
> RUN apk add openjdk17-jre-headless openjdk17-jre
> COPY files/masterpassword-gui.jar
> /home/thomas/Software/masterpassword-gui.jar
> CMD ["java", "-jar", "/home/thomas/Software/masterpassword-gui.jar"]
>
> tree /home/thomas/Software/container/mpg-gui/
> Software/container/mpg-gui/
> ├── Dockerfile
> └── files
> └── masterpassword-gui.jar
>
> 1 directories, 2 files
>
> The build is successful, but running the container fails.
>
> Could you please advise how to complete this task?
>
> THX
>
>
> Am 28.11.23 um 05:20 schrieb Александр Илюшкин:
> > Hi, mate.
> >
> > I believe you can use this answer on SO
> > https://stackoverflow.com/a/35062090 replacing `docker` with `podman`
> > as it fully supports docker API.
> >
> > So I would write a file named `Dockerfile`:
> >
> > FROM openjdk:11
> > MAINTAINER t.schneider(a)getgoogleoff.me
> > COPY~/.mpw-gui/masterpassword-gui.jar /home/masterpassword-gui.jar
> > CMD ["java","-jar","/home/masterpassword-gui.jar"]
> >
> > Notice that I used FROM openjdk:11, you don't have to build your own
> > separate openjdk image as it's already built by guys from openjdk,
> > please use your current project version of JDK for it:
> > https://hub.docker.com/_/openjdk
> >
> > Build your image:
> >
> > podman build -t imageName .
> >
> > Now invoke your program inside a container:
> >
> > podman run --name myProgram imageName
> >
> > Now restart your program by restarting the container:
> >
> > podman restart myProgram
> >
> > Your program changed? Rebuild the image!:
> >
> > podman rmi imageName
> > podman build -t imageName .
> >
> > Additionally, usually we don't build images by hand, we use maven or
> > gradle for this.
> >
> > For instance, google created a tool called JIB, which creates OCI
> > images with java programs automatically:
> > https://cloud.google.com/java/getting-started/jib
> >
> > Also, we use this maven plugin to build docker image with jar file of
> > our project without writing Dockerfile at all: https://dmp.fabric8.io/
> >
> > It should work the same way with both docker and podman.
> >
> > вт, 28 нояб. 2023 г. в 02:02, Thomas <t.schneider(a)getgoogleoff.me>:
> >> Hello,
> >>
> >> I have successfully build docker image "sapmachine", a build of OpenJDK.
> >>
> >> Now I want to build my own image to run my own jar file.
> >> This jar file is located in ~/.mpw-gui/masterpassword-gui.jar, and with
> >> locally installed OpenJDK I would run this command: java -jar
> >> .mpw-gui/masterpassword-gui.jar
> >>
> >> Could you please advise how to build my own image for this java
> application?
> >>
> >> THX
> >> _______________________________________________
> >> Podman mailing list -- podman(a)lists.podman.io
> >> To unsubscribe send an email to podman-leave(a)lists.podman.io
> >
> >
>
>
1 year, 5 months
[Podman] Re: --dns=ipaddr - no effect of it
by Paul Holzinger
This was a bug in 4.4 I think, you need to update to podman v4.5 (
https://github.com/containers/podman/issues/17499).
If you use a network with dns enabled we will now always use the
aardvark-dns resolver in resolv.conf and then aardvark-dns forwards to the
correct --dns ip when the query was not a container name.
Paul
On Tue, May 30, 2023 at 3:32 PM Daniel Walsh <dwalsh(a)redhat.com> wrote:
> On 5/30/23 09:14, lejeczek via Podman wrote:
>
>
>
> On 30/05/2023 14:00, Daniel Walsh wrote:
>
> On 5/29/23 05:59, lejeczek via Podman wrote:
>
> Hi guys.
>
> --dns=none renders what expected but with an actual server, say:
> --dns=10.3.1.200
> resolve.conf seems to be the one of the host's, as if --dns did not happen.
> Can anybody else say that is the case? Am I missing something?
> I'm on Centos 9 stream with all bits up-to-date.
> many thanks, L.
>
> _______________________________________________
> Podman mailing list -- podman(a)lists.podman.io
> To unsubscribe send an email to podman-leave(a)lists.podman.io
>
> Here is what I am getting?
>
> ```
> # podman run --dns=10.3.1.200 alpine cat /etc/resolv.conf
> nameserver 10.3.1.200
> # podman run --dns=none alpine cat /etc/resolv.conf
> cat: can't open '/etc/resolv.conf': No such file or directory
> ```
>
> Rootless
>
> ```
> $ podman run --dns=10.3.1.200 alpine cat /etc/resolv.conf
> nameserver 10.3.1.200
> $ podman run --dns=none alpine cat /etc/resolv.conf
> cat: can't open '/etc/resolv.conf': No such file or directory
> ```
>
> I'm trying, for production setup, Centos 9 (perhaps all official,
> available versions?)
>
> podman run -dt --network=off-host --ip=${_IP} --dns=10.3.1.200 --hostname
> ${_H}.${_DOM} --name ${_NAME} localhost/centos9-mine
> ...
> [root@centos-whale /]# cat /etc/resolv.conf
> search mine.priv mszczonow.vectranet.pl
> nameserver 10.3.1.254
> nameserver 89.228.4.126
> nameserver 31.11.173.2
> nameserver 10.1.1.254
> options timeout:1
>
> that 'resolv.conf' is an exactl copy off the host, this:
>
> podman run -dt --network=off-host --ip=${_IP} --dns=none --hostname
> ${_H}.${_DOM} --name ${_NAME} localhost/centos9-mine
>
> [root@centos-whale /]# cat /etc/resolv.conf
> # Generated by NetworkManager
> nameserver 192.168.122.1
>
> Perhaps the issue(s) is with centos?
> centos9-mine is done off the 'quay.io/centos/centos' with only a couple
> add rpm packages.
>
>
>
> _______________________________________________
> Podman mailing list -- podman(a)lists.podman.io
> To unsubscribe send an email to podman-leave(a)lists.podman.io
>
> No I doubt it, please open an issue.
> _______________________________________________
> Podman mailing list -- podman(a)lists.podman.io
> To unsubscribe send an email to podman-leave(a)lists.podman.io
>
2 years
[Podman] Re: How does podman "initialize" after a reboot?
by Daniel Walsh
On 8/3/23 04:43, Александр Илюшкин wrote:
> I also noticed that podman-machine does not start after reboot, I have
> to start it manually.
> There is also a bug fixed in 4.6 version.
>
> https://github.com/containers/podman/pull/18328
> https://github.com/containers/podman/issues/16945
>
> Check status of podman machine after reboot using this command
>
> podman machine list
>
> чт, 3 авг. 2023 г. в 08:57, Pratham Patel <thefirst1322(a)gmail.com>:
>> **Any** discussions--including me being an idot and not understanding
>> things--are welcome. Please comment/reply so I can understand what is
>> happening! :)
>>
>>
>> - Pratham Patel
>> _______________________________________________
>> Podman mailing list -- podman(a)lists.podman.io
>> To unsubscribe send an email to podman-leave(a)lists.podman.io
>
>
Podman runs as a service under systemd, so systemd starts podman. If
you question is how does Podman start containers that are autostarted at
boot, then podman has a a podman-restart.service which systemd
automatcially starts, and this service looks at the podman database and
starts any autostart services.
/usr/lib/systemd/system/podman-restart.service
/usr/lib/systemd/user/podman-restart.service
If you are asking about podman-machine, then someone else will need to
answer that question.
1 year, 10 months
[Podman] Re: "floating" IP with podman
by lejeczek
On 13/06/2023 10:25, lejeczek wrote:
>
>
> On 12/06/2023 17:35, Chris Evich wrote:
>>
>> IIRC this is called an 'alias'. I don't have a direct
>> answer to your question, but I can anticipate what the
>> experts will want to know:
>>
>> Is this a root or rootless container?
>>
>> Chris Evich (he/him), RHCA III
>> Senior Quality Assurance Engineer
>> If it ain't broke, your hammer isn't wide 'nough.
>>
>> On 6/12/23 05:38, lejeczek via Podman wrote:
>>> Hi guys.
>>>
>>> Is it possible to "attach" an IP to a container with (or
>>> perhaps outside of) podman but not create a separate/new
>>> iface for that?
>>> As if you added a "subsequent" IP to already
>>> ip-configured iface.
>>>
>>> many thanks, L.
>>>
>
> yes rootfool.
> On this/similar topic - does 'macvlan' offer settable
> metrics (it surely does not "inherit" - I expected it'd -
> host iface's metric) or perhaps a "no-gateway" setup?
> I'm on Centos 8 with 4.4.1 version.
I see it does that - gateway/route-less net with macvlan.
1 year, 11 months
[Podman] Re: Rootless container startup failure at bootup, launches fine manually
by Chris Evich
Hrmmm. Looking at the logs you provided more (again, I'm not a quadlet
or systemd expert), I'm wondering if most of the warnings/errors are
also harmless because I see toward the end:
podman[787]: 2023-05-25 03:01:59.00150107 +0300 EEST m=+0.108624239
image pull <redacted>:latest
If any of the prior messages were significant, I can't imagine podman
bothering to try and pull the image. If the prior messages are
harmless, it suggests troubleshooting should start with:
systemd[746]: cms_backend.service: Main process exited, code=exited,
status=125/n/a
Looking at your quadlet files, I noticed:
Exec=/bin/bash -c "pip install -q -e . \
...cut...
but cannot see a closing " (quote) anywhere in that big Exec string.
Hopefully this is copy-paste error. I can't imagine how it could work
manually with a missing quote like that.
Chris Evich (he/him), RHCA III
Senior Quality Assurance Engineer
If it ain't broke, your hammer isn't wide 'nough.
On 5/29/23 03:32, jklaiho(a)iki.fi wrote:
> The IP firewall warning seems to be unrelated. On another server where
> we didn't get this problem on a reboot, the same warning is emitted for
> one of the several rootless containers running there. It's interesting
> on its own, and I found where it happens in the systemd code here:
>
> https://github.com/systemd/systemd/blob/e30b4c13570a5e4ec794d480d5371e9c7... <https://github.com/systemd/systemd/blob/e30b4c13570a5e4ec794d480d5371e9c7...>
>
> ...but that seems like another, likely benign issue with rootless Podman
> and systemd/cgroups, maybe?
>
> The later errors seem to be the actual failure here, but I don't know
> what to make of them.
>
>
> - JK
>
>
>
>
> On Thursday, May 25, 2023 at 7:21 PM, Chris Evich <cevich(a)redhat.com
> <mailto:cevich@redhat.com>> wrote:
> On 5/25/23 08:03, jklaiho(a)iki.fi wrote:
>> systemd[746]: cms_backend.service: unit configures an IP firewall,
>> but not running as root.
>> systemd[746]: (This warning is only shown for the first unit using
>> IP firewalling.)
>
> I'm not an expert, but to my untrained eye, this message seems to be
> the
> root-cause indicator. I can't say for sure where/why that error is
> generated but it seems like it could be some kind of bug in quadlet
> interactions w/ the rest of systemd. Maybe try changing the
> dependencies (Wants/After) might make a difference? That's a total
> guess though.
>
> ---
> Chris Evich (he/him), RHCA III
> Senior Quality Assurance Engineer
> If it ain't broke, your hammer isn't wide 'nough.
> _______________________________________________
> Podman mailing list -- podman(a)lists.podman.io
> To unsubscribe send an email to podman-leave(a)lists.podman.io
>
2 years
[Podman] Re: How to build image for own jar file
by Thomas
Understood.
But what is the solution then to deploy this application?
Am 05.12.23 um 06:34 schrieb Александр Илюшкин:
> TLDR: You will not be able to run graphical applications in containers.
>
> What do you expect to see as a result of launching the gui
> application? There is no graphics system in alpine by default, even if
> you add it there, the graphics window somehow needs to be displayed on
> your local machine, this will require certain settings to broadcast
> the graphics system over the network.
>
> containers usually contain services that are accessible over the
> network through an open network port
>
> С уважением, А. И.
>
> пн, 4 дек. 2023 г., 21:34 Thomas <t.schneider(a)getgoogleoff.me>:
>
> Hello,
>
> I need more guidance on this task, and I think one should restart
> from
> scratch.
> This java app "masterpassword-gui" is obviously a graphical frontend,
> but I think I didn't reflect this in my dockerfile.
>
> Currently I'm using this dockerfile to build the image:
> # Filename: mpw-gui
> FROM alpine:latest
> RUN apk add openjdk17-jre-headless openjdk17-jre
> COPY files/masterpassword-gui.jar
> /home/thomas/Software/masterpassword-gui.jar
> CMD ["java", "-jar", "/home/thomas/Software/masterpassword-gui.jar"]
>
> tree /home/thomas/Software/container/mpg-gui/
> Software/container/mpg-gui/
> ├── Dockerfile
> └── files
> └── masterpassword-gui.jar
>
> 1 directories, 2 files
>
> The build is successful, but running the container fails.
>
> Could you please advise how to complete this task?
>
> THX
>
>
> Am 28.11.23 um 05:20 schrieb Александр Илюшкин:
> > Hi, mate.
> >
> > I believe you can use this answer on SO
> > https://stackoverflow.com/a/35062090 replacing `docker` with
> `podman`
> > as it fully supports docker API.
> >
> > So I would write a file named `Dockerfile`:
> >
> > FROM openjdk:11
> > MAINTAINER t.schneider(a)getgoogleoff.me
> > COPY~/.mpw-gui/masterpassword-gui.jar /home/masterpassword-gui.jar
> > CMD ["java","-jar","/home/masterpassword-gui.jar"]
> >
> > Notice that I used FROM openjdk:11, you don't have to build your own
> > separate openjdk image as it's already built by guys from openjdk,
> > please use your current project version of JDK for it:
> > https://hub.docker.com/_/openjdk
> >
> > Build your image:
> >
> > podman build -t imageName .
> >
> > Now invoke your program inside a container:
> >
> > podman run --name myProgram imageName
> >
> > Now restart your program by restarting the container:
> >
> > podman restart myProgram
> >
> > Your program changed? Rebuild the image!:
> >
> > podman rmi imageName
> > podman build -t imageName .
> >
> > Additionally, usually we don't build images by hand, we use maven or
> > gradle for this.
> >
> > For instance, google created a tool called JIB, which creates OCI
> > images with java programs automatically:
> > https://cloud.google.com/java/getting-started/jib
> >
> > Also, we use this maven plugin to build docker image with jar
> file of
> > our project without writing Dockerfile at all:
> https://dmp.fabric8.io/
> >
> > It should work the same way with both docker and podman.
> >
> > вт, 28 нояб. 2023 г. в 02:02, Thomas <t.schneider(a)getgoogleoff.me>:
> >> Hello,
> >>
> >> I have successfully build docker image "sapmachine", a build of
> OpenJDK.
> >>
> >> Now I want to build my own image to run my own jar file.
> >> This jar file is located in ~/.mpw-gui/masterpassword-gui.jar,
> and with
> >> locally installed OpenJDK I would run this command: java -jar
> >> .mpw-gui/masterpassword-gui.jar
> >>
> >> Could you please advise how to build my own image for this java
> application?
> >>
> >> THX
> >> _______________________________________________
> >> Podman mailing list -- podman(a)lists.podman.io
> >> To unsubscribe send an email to podman-leave(a)lists.podman.io
> >
> >
>
1 year, 5 months
[Podman] Re: HELP! recover files from a deleted container
by Alvin Thompson
I was afraid of that. Perhaps some level of protection from accidental data loss while in interactive mode (maybe just unlinking files and later deleting them when space is needed) is a decent feature suggestion.
Thanks,
Alvin
> On Sep 4, 2023, at 7:40 AM, Valentin Rothberg <vrothberg(a)redhat.com> wrote:
>
> Hi Alvin,
>
> I am really sorry about the data loss.
>
> Unfortunately, there is no magic `podman recover` feature that would bring the data back. The behavior of `network rm` is documented but I sympathize that it's not helpful in your situation.
>
> I feel bad that I cannot help you much.
>
> Good luck,
> Valentin
>
> On Mon, Sep 4, 2023 at 12:28 PM Alvin Thompson <alvin(a)thompsonlogic.com <mailto:alvin@thompsonlogic.com>> wrote:
>> Help!
>>
>> Is there any way to recover files from a deleted container? Long story short, I found the behavior of `podman network rm -f` unexpected, and it wound up deleting most of my containers. One in particular had a month of work in it (I was using it as a development environment), and it turns out only part of it was backed up. I’m desperate!
>>
>> This is Podman for Windows, so most of the files on the “host” are in the WSL environment. I can get into that no problem with `wsl -d podman-machine-default`.
>>
>> As an added wrinkle, my default connection was `podman-machine-default-root`, but I was was not running Podman rootful. I’m not sure this is particularly relevant.
>>
>> grep-ing for strings which are unique to the development environment shows one hit in Windows, in %HOME%/.local/containers/podman/machine/wsl/wsldist/podman-machine-default/ext4.vhdx - which I assume is the file system for the WSL layer itself. I made a copy of it.
>>
>> A grep within WSL itself doesn’t show so any hits, so it’s possible the files were deleted as far as WSL is concerned. I tried searching for an EXT4 undelete tool, but the only one I found (extundelete) is from 10+ years ago and doesn’t appear to work anymore.
>>
>> I haven’t stopped WSL (I’m using /tmp as a staging area) or restarted the computer.
>>
>> I’m at wit’s end. I really don’t know where to begin or look to recover these files, which I really, really need. Any recovery suggestions (no matter how tedious) would be welcome.
>>
>> I know it’s too late to change now, but man, the behavior of `podman network remove` is unexpected.
>>
>> Thanks,
>> Alvin
>> _______________________________________________
>> Podman mailing list -- podman(a)lists.podman.io <mailto:podman@lists.podman.io>
>> To unsubscribe send an email to podman-leave(a)lists.podman.io <mailto:podman-leave@lists.podman.io>
1 year, 8 months
[Podman] Re: Why do use podman machine on Mac?
by Jason Greene
That’s right Darren. The short answer is “containers are Linux”. The
longer answer is you need two key elements: a Kernel name-spacing facility,
and second a user-land ecosystem. On the former MacOS doesn’t have
something comparable. The closest is App Sandbox, but that is primarily a
syscall/ permission filtering mechanism (something also important for
containers, but only part of the problem). On the latter, this is what we
know of as containers, the user-land is the OS without the kernel, and as
such is very much tied to the kernel implementation. Darwin libraries and
apps use a different ABI and syscall interface than Linux, so basically
every container you use today would be incompatible even if there was
kernel support.
This is the situation with Windows containers (not to be confused with
using Podman on Windows or other container envs that run Linux containers).
Windows containers have kernel support and a win32 user-land, so to produce
them you have to port everything in the image to be native windows code.
They are useful but not anywhere near as predominant, since a big part of
the value is the portability a Linux container brings.
In contrast, WSL2 does run a Linux kernel in a shared VM, and internally it
is using Linux namespaces itself, with all distributions of a user sharing
the same Kernel. They ultimately abandoned the previous syscall emulation
approach since the NT kernel and Linux are just too different and the
behaviors don’t map cleanly. We leverage WSL2 for the Podman on Windows
implementation.
On Sep 7, 2023, at 11:51 AM, Darren Dupre <darren.dupre(a)gmail.com> wrote:
OS X has a Mach kernel and a BSD user land. Don’t think Apple is interested
in adding containers framework to that. I guess someone could write a
kernel extension but it’s a niche use case.
WSL 2 uses a real Linux kernel doesn’t it? But it’s still a VM inside of
Hyper V so I don’t think the performance is any different. WSL 1 is a posix
emulation with binary compatibility but no container support under the
hood.
Correct me if I'm wrong about that.
- Darren
On Thu, Sep 7, 2023 at 11:19 Mehdi Haghgoo via Podman <
podman(a)lists.podman.io> wrote:
> The container experience with podman machine on Windows and mac is not
> optimal because the containers are slow.
> Mac is a Linux-based OS. So, why can't we create native containers on it
> as we do on Linux?
>
> That applies to WSL. It's kind of Linux. Why cannot we create native Linux
> containers on it without resorting to Podman machine and podman clients?
>
>
> _______________________________________________
> Podman mailing list -- podman(a)lists.podman.io
> To unsubscribe send an email to podman-leave(a)lists.podman.io
>
_______________________________________________
Podman mailing list -- podman(a)lists.podman.io
To unsubscribe send an email to podman-leave(a)lists.podman.io
1 year, 8 months
[Podman] Re: is it possible to add all subcommand from buildah into podman?
by Daniel Walsh
On 10/2/23 09:55, Brent Baude wrote:
> Sure it is possible as it is only programming work. However there
> could be some downsides, like binary size, complicating user
> experience, and more pragmatically we'd likely have a lot more bugs,
> issues, and requests being added to podman where it should go to buildah.
>
> What do others think?
You should just use a multi-stage build to do this.
>
> On Mon, Oct 2, 2023 at 8:28 AM Larry Cai <larry.caiyu(a)gmail.com> wrote:
>
> Hi:
>
> Normally I install & use podman only since I know podman uses the
> codebase of buildah.
>
> Recently I start to learn how to use Redhat UBI micro image
> https://www.redhat.com/en/blog/introduction-ubi-micro, which needs
> buildah command
>
> So I wonder whether it is possible to add all sub commands from
> buildah into podman? then I don't need to install buildah besides
> podman. I treat podman is all-in-one tool
>
> Rgs, Larry
>
>
>
> _______________________________________________
> Podman mailing list -- podman(a)lists.podman.io
> To unsubscribe send an email to podman-leave(a)lists.podman.io
>
>
> _______________________________________________
> Podman mailing list --podman(a)lists.podman.io
> To unsubscribe send an email topodman-leave(a)lists.podman.io
1 year, 8 months
