You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Containerd/nerdctl have instructions for setting up a rootless containerd with rootlesskit. What this does is it launches containerd in a user namespace with some additional tools so that it can setup containers without root.
The snapshotter is specifically out of scope for this issue. I will create a follow up for that because it involves some thinking around how we get the snapshotter installed. Maybe we have an optional install script that modifies the rootless containerd config?
Describe the solution you'd like
SOCI should be able to run with rootless containerd without any special set up on the user's behalf.
Describe any alternative solutions/features you've considered
No response
Any additional context or information about the feature request
No response
The text was updated successfully, but these errors were encountered:
Description
Containerd/nerdctl have instructions for setting up a rootless containerd with rootlesskit. What this does is it launches containerd in a user namespace with some additional tools so that it can setup containers without root.
Nerdctl has a special code path to enter the containerd namespace when not running as root by re-execing itself.
The SOCI CLI doesn't have this, so in order to work with rootless containerd, users need to manually enter the namespace before running SOCI commands:
After these commands, the new shell that the user finds themselves in works as expected:
The snapshotter is specifically out of scope for this issue. I will create a follow up for that because it involves some thinking around how we get the snapshotter installed. Maybe we have an optional install script that modifies the rootless containerd config?
Describe the solution you'd like
SOCI should be able to run with rootless containerd without any special set up on the user's behalf.
Describe any alternative solutions/features you've considered
No response
Any additional context or information about the feature request
No response
The text was updated successfully, but these errors were encountered: