-
Notifications
You must be signed in to change notification settings - Fork 61
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Upgrade v5.1.1 #91
Upgrade v5.1.1 #91
Conversation
PROBLEM: Even after upgrading to podman 5.0.3, many e2e tests are still failing, particularly those trying to run podman as root which appears to use pasta and fails as follows:
This is how to reproduce the error directly (using the changes within this PR/branch):
I wonder whether it should be using pasta at all when running as root? Rootless networking seems to work, except for port-forwarding. |
54507de
to
4315ec1
Compare
Code copied from mgoltzsche/podman-static PR mgoltzsche#91, with some alterations.
2059bd6
to
ae522af
Compare
Upgrading podman to version 5.1.1 made the rootful network connectivity test pass (where pasta failed previously when run as root).
|
08a9833
to
0312cb1
Compare
# The rootless-netns directory is created explicitly here as a workaround to make the test pass. | ||
# See https://github.com/containers/podman/discussions/22903#discussioncomment-9675638 | ||
# and https://github.com/containers/common/pull/2042 | ||
$DOCKER run --rm --privileged -u podman:podman \ | ||
-v "$PODMAN_ROOT_DATA_DIR:/podman/.local/share/containers/storage" \ | ||
--mount="type=bind,src=`pwd`/test/pod.yaml,dst=/pod.yaml" \ | ||
--pull=never "${PODMAN_IMAGE}" \ | ||
podman play kube /pod.yaml | ||
sh -c ' | ||
set -ex; | ||
mkdir -pm700 /tmp/storage-run-1000/containers/networks/rootless-netns/run; | ||
podman play kube /pod.yaml | ||
' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks like the workaround made it work.
I am inclined to release it as is but I'll let it soak in another day or two in case some other idea comes to mind or the upstream fix gets released quickly.
* Upgrade to podman 5 * Include netavark and pasta binaries (new podman network stack and CNI replacement) * Makefile: Don't access image dir directly for copy out
de743e0
to
9b452b9
Compare
e410832
to
288b008
Compare
Now that I rebuilt the PR without changes really, the port-forwarding tests are failing also within the CI build as on my machine (docker 26.1.4).
but the failing build from today logs:
Also, the rootful port-forwarding test fails on my machine when I run the tests against the v4.9.5 build - rootless port-forwarding still works on my machine with podman 4.9.5, using the old network stack, though. |
* podman 5.1.1 * drop CNI networking and slirp4netns in favour of netavark + pasta * build statically linked netavark, pasta and aardvark * conmon 2.1.11 * crun 1.15 * crun is also shipped with the normal (non-minimal) image now. * build using golang 1.22, use alpine 3.19 base container Co-authored-by: Trent Apple <[email protected]>
Turns out that the newer docker version adds an |
Upgrade to Podman 5.1.1 and drop CNI networking and slirp4netns in favour of netavark (statically linked) and pasta.
This is a follow-up of #87 and #90.