docker-compose up edgex jakarta #14133

Closed
wfchair opened this issue May 6, 2022 · 2 comments · Fixed by #14415

wfchair commented May 6, 2022

/kind bug

Description

Use podman with docker-compose to start up edgex jakarta version.
https://github.com/edgexfoundry/edgex-compose/blob/jakarta/docker-compose.yml

sudo DOCKER_HOST=unix:///var/run/podman/podman.sock docker-compose up -d

Creating edgex-security-bootstrapper ... error
Creating edgex-ui-go ...
ERROR: for edgex-security-bootstrapper Cannot create container for service security-bootstrapper: fill out specgen: invalid --security-opt 1: "no-new-Creating edgex-ui-go ... error
ERROR: for edgex-ui-go Cannot create container for service ui: fill out specgen: invalid --security-opt 1: "no-new-privileges:true"
ERROR: for security-bootstrapper Cannot create container for service security-bootstrapper: fill out specgen: invalid --security-opt 1: "no-new-privileges:true"
ERROR: for ui Cannot create container for service ui: fill out specgen: invalid --security-opt 1: "no-new-privileges:true"
ERROR: Encountered errors while bringing up the project.

Describe the results you received:

failed to start up edgex jakarta version.

Describe the results you expected:

succeeded to start up edgex jakarta version.

Additional information you deem important (e.g. issue happens only occasionally):

Output of podman version:
Client: Podman Engine
Version: 4.1.0-dev
API Version: 4.1.0-dev
Go Version: go1.16
Git Commit: a3908b0
Built: Thu May 5 16:00:26 2022
OS/Arch: linux/amd64

Output of podman info --debug:
host:
  arch: amd64
  buildahVersion: 1.26.0-dev
  cgroupControllers: []
  cgroupManager: cgroupfs
  cgroupVersion: v1
  conmon:
    package: conmon_100:2.1.0-2_amd64
    path: /usr/libexec/podman/conmon
    version: 'conmon version 2.1.0, commit: '
  cpuUtilization:
    idlePercent: 90.97
    systemPercent: 3.22
    userPercent: 5.8
  cpus: 8
  distribution:
    codename: bionic
    distribution: ubuntu
    version: "18.04"
  eventLogger: journald
  hostname: daas
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
  kernel: 5.4.0-109-generic
  linkmode: dynamic
  logDriver: journald
  memFree: 783097856
  memTotal: 16551878656
  networkBackend: cni
  ociRuntime:
    name: crun
    package: crun_100:0.18-2_amd64
    path: /usr/bin/crun
    version: |-
      crun version 0.18.1-7931a-dirty
      commit: 7931a1eab0590eff4041c1f74e2844b297c31cea
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +YAJL
  os: linux
  remoteSocket:
    path: /run/user/1000/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: false
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: slirp4netns_100:1.1.8-3_amd64
    version: |-
      slirp4netns version 1.1.8
      commit: unknown
      libslirp: 4.3.1-git
      SLIRP_CONFIG_VERSION_MAX: 3
      libseccomp: 2.3.1
  swapFree: 2003230720
  swapTotal: 2147479552
  uptime: 259h 56m 17.29s (Approximately 10.79 days)
plugins:
  log:
  - k8s-file
  - none
  - passthrough
  - journald
  network:
  - bridge
  - macvlan
  - ipvlan
  volume:
  - local
registries:
  search:
  - docker.io
  - quay.io
store:
  configFile: /home/user/.config/containers/storage.conf
  containerStore:
    number: 1
    paused: 0
    running: 0
    stopped: 1
  graphDriverName: vfs
  graphOptions: {}
  graphRoot: /home/user/.local/share/containers/storage
  graphRootAllocated: 1055815524352
  graphRootUsed: 807820865536
  graphStatus: {}
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 2
  runRoot: /run/user/1000/containers
  volumePath: /home/user/.local/share/containers/storage/volumes
version:
  APIVersion: 4.1.0-dev
  Built: 1651737626
  BuiltTime: Thu May 5 16:00:26 2022
  GitCommit: a3908b0
  GoVersion: go1.16
  Os: linux
  OsArch: linux/amd64
  Version: 4.1.0-dev

Additional environment details (AWS, VirtualBox, physical, etc.):
physical

@vrothberg
Member

Thanks for reaching out!

I did not verify, but I suspect that the issue is the format of no-new-privileges:true. Podman expects the separator of option/value to be = not :.

@vrothberg
Member

Yes, that must be it:

$ sudo docker run --security-opt no-new-privileges:true --rm alpine true
$ podman run --security-opt no-new-privileges=true --rm alpine l
Error: invalid --security-opt 2: "no-new-privileges=true"

@nicrowe00, I think that's a nice one for you.

mheon pushed a commit to mheon/libpod that referenced this issue Jun 14, 2022
In docker, the format of no-new-privileges is
"no-new-privileges:true". However, for Podman
all that's required is "no-new-privileges", leading to issues
when attempting to use features designed for docker in podman.
Adding support for the ":" format to be used along with the "="
format, depending on which one is entered by the user.

fixes containers#14133
Signed-off-by: Niall Crowe <nicrowe@redhat.com>
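
The parsing behaviour the commit message describes, as an added example that is not Podman's actual code: the hypothetical helper `parseNoNewPrivileges` accepts the bare flag and both separators, and rejects a non-boolean value instead of silently leaving the hardening flag off. The option strings in `main` are constructed samples.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// parseNoNewPrivileges is a hypothetical helper (not Podman's code). It accepts
// the bare flag, the Docker form "no-new-privileges:true" and the "=" form.
// handled reports whether opt was a no-new-privileges option at all.
func parseNoNewPrivileges(opt string) (enabled bool, handled bool, err error) {
	const key = "no-new-privileges"
	if opt == key {
		return true, true, nil
	}
	// Split on the first ':' or '=' so both separators are treated alike.
	i := strings.IndexAny(opt, ":=")
	if i < 0 || opt[:i] != key {
		return false, false, nil // some other security option
	}
	// Fail closed: a hardening flag with an unparsable value is an error,
	// never a silent "false".
	v, perr := strconv.ParseBool(opt[i+1:])
	if perr != nil {
		return false, true, fmt.Errorf("invalid --security-opt %q: value must be a boolean", opt)
	}
	return v, true, nil
}

func main() {
	// Constructed sample inputs.
	for _, opt := range []string{
		"no-new-privileges", "no-new-privileges:true", "no-new-privileges=true",
		"no-new-privileges:false", "no-new-privileges:yes", "label=disable",
	} {
		enabled, handled, err := parseNoNewPrivileges(opt)
		fmt.Printf("%-26q enabled=%-5v handled=%-5v err=%v\n", opt, enabled, handled, err)
	}
}
```
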
gbraad pushed a commit to gbraad-redhat/podman that referenced this issue Jul 13, 2022