Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable running containers with Podman #4421

Merged
merged 3 commits into from
Jun 24, 2019
Merged

Enable running containers with Podman #4421

merged 3 commits into from
Jun 24, 2019

Conversation

afbjorklund
Copy link
Collaborator

@afbjorklund afbjorklund commented Jun 4, 2019
edited
Loading

Running containers with sudo podman did not work properly.

  1. The CNI version used for crio is too old, so it fails to load from podman (PR Upgrade CNI config version to 0.3.0 #4410)
  2. We need to upgrade conmon, i.e. provide /usr/libexec/podman/conmon
  3. We need to rebuild runc, systemd support doesn't work when built static
  4. We need to provide /etc/containers/libpod.conf, with our rootfs setting

Closes #4406

@afbjorklund
Make podman depend on conmon from master
70a00bf 
Need a later version than the one provided by crio.

So use separate installations, one for each program.
@afbjorklund
Install podman configuration to use no_pivot_root
32583d8 
We need this podman setting, as long as we're running from rootfs.

	no_pivot_root = true

Note that building uses a different way, an environment variable.

	export BUILDAH_NOPIVOT=true
@afbjorklund
Link runc dynamically, avoid docker-runc install
b31c66c 
Static linking doesn't work with the systemd cgroup manager.

The latest docker package now uses the standard runc program.
@k8s-ci-robot k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label Jun 4, 2019
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: afbjorklund

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added approved Indicates a PR has been approved by an approver from all required OWNERS files. size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Jun 4, 2019
@sharifelgamal
Copy link
Collaborator

@minikube-bot OK to test

@tstromberg
Copy link
Contributor

PR looks good, but needs a better title for our release notes.

@afbjorklund afbjorklund changed the title Podman run Enable running containers with Podman Jun 20, 2019
@afbjorklund afbjorklund mentioned this pull request Jun 20, 2019
Closed
@afbjorklund
Copy link
Collaborator Author

Hopefully this title is better ? Also reopened the issue, that got closed prematurely.

@afbjorklund
Copy link
Collaborator Author

Planning to upgrade from 1.3.1 to 1.4.1, but want to get this landed first.

Maybe the conmon-master version needs to be bumped to v0.3.0, too.

@tstromberg tstromberg merged commit e1f8446 into kubernetes:master Jun 24, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tstromberg tstromberg tstromberg approved these changes

@balopat balopat Awaiting requested review from balopat

@sharifelgamal sharifelgamal Awaiting requested review from sharifelgamal

Assignees
No one assigned
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Running containers with podman doesn't work
4 participants
@afbjorklund @k8s-ci-robot @sharifelgamal @tstromberg