-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Package up podman for vanilla Debian #1742
Comments
@qiancai let's track Debian work here |
@qiancai I'm guessing we don't need to worry about SELinux for Debian and its downstreams. Do you see selinux-policy being a hard dependency somewhere? |
SELinux should not be a hard dependency, but a Nice to Have. |
Debian developer complained that libpod and its dependencies were unversioned. Is that something worth solving? |
Libpod is versioned in lockstep with Podman - I consider We do have a number of unversioned dependencies, though - notably c/image and c/storage? |
On Thu, Nov 01, 2018 at 07:07:08AM -0700, Qian Cai wrote:
Debian developer complained that libpod and its dependencies were unversioned. Is that something worth solving?
https://lists.debian.org/debian-go/2018/11/msg00000.html
Is libpod still unversioned? I thought the versioned git tags implied
otherwise, am I reading that wrong?
…
--
You are receiving this because you authored the thread.
Reply to this email directly or view it on GitHub:
#1742 (comment)
--
Lokesh
IRC, GitHub: lsm5
GPG: 0xC7C3A0DD
https://keybase.io/lsm5
|
Filed a container-selinux bug, |
Filed a oci-systemd-hook bug, projectatomic/oci-systemd-hook#107 In the meanwhile, skopeo works fine there. However, there are lots of vendors. Specifically, how about versioning containers/storage and containers/image if not done so yet? Then, I'll start to package skopeo first while waiting on fixing other blockers. |
We no longer depend on oci-systemd-hook (for Podman at least) - it's not necessary if you aren't packaging CRI-O |
It turned out that podman still depend on oci-systemd-hook. See 57a8c2e I can also help with running standalone runc systemd containers. |
Never mind. I got podman working with systemd containers without oci-systemd-hook, so I don't need to package oci-systemd-hook to Debian now. |
Filed bugs to tag repos. |
I suppose this is not needed anymore. The easiest path looks like just to get podman into snap store. https://snapcraft.io/search?category=server It looks like anyone could create that for CRI-O/podman etc as well. https://docs.snapcraft.io/creating-a-snap/6799 Any objection? |
Do people with debian use Snapstore. Or just Ubuntu and its descendent? But I have no objection. |
Looks like only Ubuntu and its descendant use snap store, but I suppose our goal is to reach the Ubuntu 's huge developer base. |
Yup, That gets us to 95% of users, So much better then what we get now. |
Sounds good. I'll let @lsm5 get those in the snap store then, since he have already packaged everything to PPA. I'll help around if needed. |
I guess I'll defer this until I find out from kube maintainers if they're willing to include our tools on their apt repo. |
Snaps work on Debian, but it's like requiring the users of an Android App to install F-Droid to get it. It's feasible, but you will reach a smaller audience than if you use the Google Playstore. I mean, there is already a package manager in Debian and it covers Debian, Ubuntu and much more. Snap is a Canonical kind of package manager that you will typically find only in Ubuntu and probably not so wide spread... Would you offer libpod only as Flatpak for the RedHat-based distros? I'm following the thread of CAI Qian trying to get a Debian package in the Go-Team and will try to support you on that effort. I already sent a message with the offer, but my e-mail client apparently missed-up with the thread-ID... |
I don't think the comparison is fair as packaging go-tools for Debian is exponentially more complex given all dependencies (see
The good news is that we are working with the Debian community together to get the tools into the main repositories. @siretart is actually doing all the heavy lifting of packaging the dependencies in preparation to eventually package the tools. |
I wasn't comparing the effort, but the audience that you reach and in that sense I find it's a more than fair comparison. Flatpak appears to have a wider usage than snap/snappy/snapstore. WRT to the effort, I fully agree with you 😒
Those are great news! 👍 |
Sad to say I think this is stalling again. Still huge hurdles to get over in order to get Go Programs packaged into Debian. |
I probably should have updated this issue more frequently, my apologies. I think it is fair to say that significant progress is being done. At this point, I've packaged all dependencies for golang-github-containers-storage 1.5, and that package itself. It is currently in the review queue by the Debian ftp-masters for inclusion into the Debian archive. This is standard procedure, and takes a couple of weeks right now (the team's priority at this point is the upcoming freeze for Debian 10, and not the inclusion of experimental and NEW packages). Also cf. https://ftp-master.debian.org/new/golang-github-containers-storage_1.5-1.html and http://bugs.debian.org/921949 I'm currently working on packaging golang-github-openshift-imagebuilder, which progress is tracked in http://bugs.debian.org/923300. Note that while working on this, I was running into containers/storage#293, which luckily has been fixed much faster than I could have possibly wished for. Thank you so much for your assistance. The next steps would be to wait for containers/storage to be ACCEPTED into the archive and update it to the most next version with the cleaned up docker dependencies. Then I can proceed to package containers/image, on which I've also started to work on. Progress for that is being tracked at http://bugs.debian.org/922842 Let me know if you have specific questions or concerns. |
Given the cheers on my last week's update, it seems that there is interest in status updates. In the last week, containers/storage remains in the NEW queue, but I've managed to update it locally to version 1.11 and got it to build. I'm still working on openshift/imagebuilder in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923300 and ran into some missing imports in the debian docker.io package. NB: In Debian, the plan is to use the distro provided version of docker.io (which is version 18.09.1-CE at this point), and not the exact git revision that vendor.conf happens to point to. It turns out that the debian source package misses to install some golang sources that are required for compiling openshift/imagebuilder, and have thus created https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924257 and added a patch to fix that. The package maintainer is responsive, has cleaned up the patch and asked me to upload it on his behalf to experimental together with an version upgrade to 18.09.03-CE. I was about to do so, but it turns out that there are additional sources missing, and openshift/imagebuilder#125 (comment) - Valentin is working on a fix for that in openshift/imagebuilder#127 |
Thanks for the update, @siretart 🙏 |
@siretart @vrothberg Is this still being worked on? Any progress? |
There is. Sorry for the late update. I've updated / uploaded a couple of dependencies in Debian, all of which are now present in the Debian archive:
The docker.io package required additional work to expose some libraries required by golang-github-openshift-imagebuilder, cf. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924257. I've worked on the golang-github-openshift-imagebuilder package, the most recent version can be seen here: https://salsa.debian.org/docker-team/docker/tree/experimental, progress on getting it into debian is here: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923300 - in short, we are (still) waiting for golang-github-containers-storage to arrive into the archive. On that front, we had a setback (cf. http://bugs.debian.org/921949#17): ftp-master REJECTED version 1.5 of the package with concerns about unclear copyright holder declarations. The response was not exactly constructive. I've asked for clarification, did an update to debian/copyright, updated the package to version 1.12.2, and reuploaded for review. This could have been avoided if the upstream package were more clear about who is holding the copyright. This recommendation applies to any upstream package. Looking forward, I've filed containers/buildah#1437 and noticed only today that this seems to have been addressed (I didn't notice earlier because there was no status update on the issue). This allows me to proceed with preparing a package for buildah in salsa, and clarifies this as a dependency for podman/libpod. Next steps:
|
Not much progress, the NEW queue remains to be super slow. I was able to build a somewhat "proper" skopeo package:
and buildah:
This required me to identify some API patches and backport them as distro patches: https://salsa.debian.org/go-team/packages/golang-github-containers-image/tree/master/debian/patches Interest in those packages has been raised on the debian-go mailinglist: http://lists.debian.org/[email protected] - with the many package we have here, it is admittedly not easy to keep track of all dependencies. As next steps, I'll play with https://aptly.info to create a repository that backports all packages and dependencies required to build and run I also briefly looked at packaging |
Quick update, the install doc has been updated to include OBS repo setup. The debian maintainers can update the relevant sections once the official packages are shipped. HTH. |
@lsm5 Thanks for the packaging work! This is very much appreciated! |
@travier-anssi whoops, thought I disabled docker manpages, but apparently not, fixing.. |
|
Can we close this one now? Is podman available from Debian? |
@lsm5 WDYT? |
as far as the "from debian" side of things, podman is still waiting for approval in "NEW": https://ftp-master.debian.org/new/libpod_1.6.4+dfsg-1.html |
I'm not opposed to closing this, but maybe community prefers this bug for tracking instead of the debian bugs listed above... |
Since this is not an upstream issue, I will close it. |
Even when this issue is closed, just to share the information with the people following this issue: Podman has been accepted to "unstable"! 🎉 Currently it's still on version 1.6.4, but I assume that an update will follow. If some criteria are fulfilled, then the package moves automatically to |
for those wanting details of the debian package, i find that https://tracker.debian.org/pkg/libpod is a better URL to follow. in this case, podman is blocked on https://tracker.debian.org/pkg/golang-github-openshift-imagebuilder which was failing to build on arm: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959538 (openshift/imagebuilder#160) for which a fix was uploaded today. :) |
Thanks anarcat for keeping this issue posted. The packages in debian are currently lagging a few upstream releases behind, but the good news is that I already prepared updated packages and they work great for me on my laptop. The new packages needed a couple of dependencies updated and as soon as they make it to Debian, I can proceed with uploading the updates. |
Wish debian Sid support podman v2.0 |
I believe the right place to report that is not here but on the Debian bugtracker, which already knows about it. :) It seems there's about a dozen dependencies missing... |
I just uploaded it to experimental. Turns out not all dependency updates were needed and I could patch podman to avoid some of the more problematic ones caughdockercaugh. The package should work just fine on a debian 'testing' system as well (that's what I have on my laptop). Just install the .deb package from experimental. Coming up next: Getting this in shape for the upcoming Debian's "bullseye" release... I guess the instructions on https://podman.io/getting-started/installation for Debian could be updated? |
@siretart why is it only available for i386? Specially when the provided GitLab CI pipeline specification is only running architecture |
It failed to build on the other architectures: https://buildd.debian.org/status/package.php?p=libpod&suite=experimental |
It seems there is an issue with |
FYI, I've just uploaded podman 2.0 to unstable: https://tracker.debian.org/pkg/libpod |
Awesome @siretart Great work. |
I've just installed it (on Debian Testing/Bullseye) and a simple rootless "image pull" and "run" worked directly 👏 |
2020-07-27 Podman 2 reached the last stage needed to get into Debian stable: https://tracker.debian.org/news/1163256/libpod-202dfsg1-3-migrated-to-testing/ We will see, if it makes its way to the next stable release. But by having reached "Testing" release it has become usable for most developers using containers (we tend to use "testing" on our development machines) and it will probably get its way into next Ubuntu release (derived from Debian Testing). Current version on testing is 2.0.4. This is the page to follow it: https://tracker.debian.org/pkg/libpod Great job @siretart ! I'm happy to see it happening. |
This is separate from the PPA work that's already being done. This issue will track efforts towards getting podman in vanilla Debian.
Update: Debian tickets
The text was updated successfully, but these errors were encountered: