Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Can minikube pass options to podman? #13855

Closed
chicks-net opened this issue Mar 24, 2022 · 4 comments
Closed

Can minikube pass options to podman? #13855

chicks-net opened this issue Mar 24, 2022 · 4 comments
Labels
co/podman-driver podman driver issues os/macos

Comments

@chicks-net
Copy link

What Happened?

Minikube's podman driver leads to setting a global podman option in a way this isn't great for security.

podman system connection default podman-machine-default-root

If minikube could see fit to let us pass the --connection option to podman then this could be worked around just for minikube and not leave podman's defaults in a less secure state.

Attach the log file

N/A

Operating System

macOS (Default)

Driver

Podman
@chicks-net chicks-net mentioned this issue Mar 24, 2022
Closed
@afbjorklund
Copy link
Collaborator

afbjorklund commented Mar 24, 2022
edited

You can set the CONTAINER_CONNECTION environment variable, if you don't want to change global podman configuration.

export CONTAINER_CONNECTION=podman-machine-default-root

There is also some fancy new flag in Podman 4.0, that will let you choose the regular (not rootless) containers by default.

podman machine set --rootful podman-machine-default

@afbjorklund afbjorklund added the co/podman-driver podman driver issues label Mar 24, 2022
@afbjorklund
Copy link
Collaborator

There is also some folks looking for testers of rootless podman:

@chicks-net
Copy link
Author

This totally addresses my immediate question. I was able to get it to start with:

CONTAINER_CONNECTION=podman-machine-default-root minikube start --driver=podman --container-runtime=cri-o

But then you have to include that for every invocation of the minikube command:

% minikube status
E0324 16:09:26.372335   95330 status.go:258] status error: host: state: unknown state "minikube": podman container inspect minikube --format={{.State.Status}}: exit status 125
stdout:

stderr:
Error: error inspecting object: no such container "minikube"
E0324 16:09:26.372350   95330 status.go:261] The "minikube" host does not exist!
minikube
type: Control Plane
host: Nonexistent
kubelet: Nonexistent
apiserver: Nonexistent
kubeconfig: Nonexistent

% CONTAINER_CONNECTION=podman-machine-default-root minikube status
minikube
type: Control Plane
host: Running
kubelet: Running
apiserver: Running
kubeconfig: Configured

Hopefully #13829 will lead to a cleaner solution.

@afbjorklund
Copy link
Collaborator

Minikube only looks for the traditional environment variables, such as DOCKER_HOST and CONTAINER_HOST.

There is no support for these new "context" and "connection", that have a global impact (beyond the current shell)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
co/podman-driver podman driver issues os/macos
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@chicks-net @afbjorklund