Comments (5)

giuseppe commented on July 24, 2024

Additional environment details

Runs on a GCP compute engine instance

Please provide more information on the environment. I see only one mapping is available. How was the user created? Is it a nested container?

podman info output

bash-4.4# podman version
WARN[0000] Using rootless single mapping into the namespace. This might break some images. Check /etc/subuid and /etc/subgid for adding sub*ids if not using a network user 
Client:       Podman Engine
Version:      4.4.1
API Version:  4.4.1
Go Version:   go1.19.10
Built:        Wed Oct  4 14:55:19 2023
OS/Arch:      linux/amd64

podman version is not as helpful as the podman info output that is requested by the PR template. Can you please provide the podman info output?

from podman.

dg424 commented on July 24, 2024

Hi @giuseppe,

Here is the output of podman info:

podman info --debug
time="2024-06-17T15:05:31Z" level=warning msg="\"/\" is not a shared mount, this could cause issues or missing mounts with rootless containers"
host:
  arch: amd64
  buildahVersion: 1.29.0
  cgroupControllers: []
  cgroupManager: cgroupfs
  cgroupVersion: v1
  conmon:
    package: conmon-2.1.6-1.module+el8.8.0+1265+fa25dd7a.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.1.6, commit: a88a21e8953a6243d5f369f61a342bcaf0630aa1'
  cpuUtilization:
    idlePercent: 84.2
    systemPercent: 2.37
    userPercent: 13.42
  cpus: 48
  distribution:
    distribution: '"rocky"'
    version: "8.8"
  eventLogger: file
  hostname: build-20240617150503150-l8s55-g8z2c
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 0
      size: 1
    - container_id: 1
      host_id: 1
      size: 4294967294
    uidmap:
    - container_id: 0
      host_id: 0
      size: 1
    - container_id: 1
      host_id: 1
      size: 4294967294
  kernel: 5.15.0-1050-gke
  linkmode: dynamic
  logDriver: k8s-file
  memFree: 52360847360
  memTotal: 101331390464
  networkBackend: cni
  ociRuntime:
    name: runc
    package: runc-1.1.4-1.module+el8.8.0+1265+fa25dd7a.x86_64
    path: /usr/bin/runc
    version: |-
      runc version 1.1.4
      spec: 1.0.2-dev
      go: go1.19.4
      libseccomp: 2.5.2
  os: linux
  remoteSocket:
    path: /run/user/0/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_SYS_CHROOT,CAP_NET_RAW,CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: false
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: slirp4netns-1.2.0-2.module+el8.8.0+1265+fa25dd7a.x86_64
    version: |-
      slirp4netns version 1.2.0
      commit: 656041d45cfca7a4176f6b7eed9e4fe6c11e8383
      libslirp: 4.4.0
      SLIRP_CONFIG_VERSION_MAX: 3
      libseccomp: 2.5.2
  swapFree: 0
  swapTotal: 0
  uptime: 1439h 54m 32.00s (Approximately 59.96 days)
plugins:
  authorization: null
  log:
  - k8s-file
  - none
  - passthrough
  - journald
  network:
  - bridge
  - macvlan
  - ipvlan
  volume:
  - local
registries:
  search:
  - registry.access.redhat.com
  - registry.redhat.io
  - docker.io
store:
  configFile: /root/.config/containers/storage.conf
  containerStore:
    number: 0
    paused: 0
    running: 0
    stopped: 0
  graphDriverName: vfs
  graphOptions: {}
  graphRoot: /var/lib/containers/storage
  graphRootAllocated: 3168432029696
  graphRootUsed: 1942340562944
  graphStatus: {}
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 0
  runRoot: /run/containers/storage
  transientStore: false
  volumePath: /var/lib/containers/storage/volumes
version:
  APIVersion: 4.4.1
  Built: 1696431319
  BuiltTime: Wed Oct  4 14:55:19 2023
  GitCommit: ""
  GoVersion: go1.19.10
  Os: linux
  OsArch: linux/amd64
  Version: 4.4.1


giuseppe commented on July 24, 2024

I see the message:

time="2024-06-17T15:05:31Z" level=warning msg="\"/\" is not a shared mount, this could cause issues or missing mounts with rootless containers"

In what environment are you running that command? Is it a nested container? Directly on the host?

Also, this is the issue tracker for the upstream development, so please try with a newer version of Podman to see if the issue still persists.

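The two questions raised in the comments above (how many IDs are mapped into the user namespace, and whether "/" is a shared mount) can be answered from `/proc/self/uid_map`, `/etc/subuid` and `/proc/self/mountinfo`. The following is an added example, not part of the thread or of Podman's code; the sample inputs and the user name `builder` are constructed, and treating "single mapping" as "exactly one ID mapped" is an assumption.

```python
# Added example: constructed sample inputs, not data from the thread.
FULL_RANGE = 4294967295  # size of the dummy map in the initial user namespace

def parse_id_map(text):
    """Parse /proc/<pid>/uid_map or gid_map: 'inside outside length' per line."""
    return [tuple(int(f) for f in line.split())
            for line in text.splitlines() if line.strip()]

def subid_ranges(text, user):
    """Return (start, count) ranges for `user` from /etc/subuid or /etc/subgid."""
    rows = (line.strip().split(":") for line in text.splitlines())
    return [(int(r[1]), int(r[2])) for r in rows if len(r) == 3 and r[0] == user]

def root_mount_is_shared(mountinfo):
    """True if the last mount at '/' has a 'shared:N' optional field."""
    shared = False
    for line in mountinfo.splitlines():
        fields = line.split()
        if len(fields) > 6 and fields[4] == "/" and "-" in fields[6:]:
            # Optional fields sit between the mount options and the "-" separator.
            optional = fields[6:fields.index("-", 6)]
            shared = any(f.startswith("shared:") for f in optional)
    return shared

def diagnose(uid_map, subuid, user, mountinfo):
    entries = parse_id_map(uid_map)
    mapped = sum(size for _, _, size in entries)
    return {
        # Assumption: "single mapping" means exactly one ID is mapped.
        "single_mapping": mapped == 1,
        "mapped_ids": mapped,
        "initial_userns_map": entries == [(0, 0, FULL_RANGE)],
        "has_subuid_range": bool(subid_ranges(subuid, user)),
        "root_is_shared": root_mount_is_shared(mountinfo),
    }

# Constructed samples (the user name "builder" is hypothetical).
UID_MAP_SINGLE = "         0       1000          1\n"
UID_MAP_RANGES = "0 1000 1\n1 100000 65536\n"
SUBUID = "builder:100000:65536\n"
MOUNTINFO_PRIVATE = "1524 1200 0:250 / / rw,relatime - overlay overlay rw\n"
MOUNTINFO_SHARED = "25 1 8:1 / / rw,relatime shared:1 - ext4 /dev/sda1 rw\n"

if __name__ == "__main__":
    print(diagnose(UID_MAP_SINGLE, "", "builder", MOUNTINFO_PRIVATE))
    print(diagnose(UID_MAP_RANGES, SUBUID, "builder", MOUNTINFO_SHARED))
```

To check a live environment, pass the contents of the three files named above, read inside the environment where podman runs, to `diagnose` in place of the samples.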

dg424 commented on July 24, 2024

We already tried with the latest version and still the same issue. In regards to the environment, this is a k8s pod running a rootless Docker daemon.


giuseppe commented on July 24, 2024

I've tried to reproduce a similar environment, running nested podman but I am not able to reproduce it yet.

Could you try to run podman inside podman (so no Docker involved) and see if that behaves in the same way for you? You can just use the podman image, e.g. `podman run podman ...`

Could you share your Dockerfile?
