Evaluate Kata + Podman #1358
Comments
|
Any progress on this front? @gabibeyer can you summarize your findings thus far? |
|
kata seems to work pretty seamlessly with podman as long as selinux is disabled (which already seems to be a reported issue within kata). I have gotten it running in fedora 28, trying ubuntu bionic currently just to see if there are differences. |
|
@gabibeyer can you describe your setup. Also the final goal is to run Kata as rootless with podman. We need to ensure we do not create files with root uid/gid on the host side when using overlay. Also ensure that the other files like resolv.conf etc do not end up being root when modified. |
|
@mcastelino right, that is not yet rootless,. Should I still describe my setup if it is not yet the rootless implementation? |
|
Modifications to podman and slirp4netns are in progress for a rootless podman + kata integration |
|
Before using the default ctrsMapTrePath, check whether the runtime is being ran rootlessly, and if so set the ctrsMapTreePath to the rootlessRuntimeDir configured by the libpod rootless library. Fixes: kata-containers#1358 Signed-off-by: Gabi Beyer <gabrielle.n.beyer@intel.com>
Before using the default ctrsMapTrePath, check whether the runtime is being ran rootlessly, and if so set the ctrsMapTreePath to the rootlessRuntimeDir configured by the libpod rootless library. Fixes: kata-containers#1358 Signed-off-by: Gabi Beyer <gabrielle.n.beyer@intel.com>
Before using the default ctrsMapTrePath, check whether the runtime is being ran rootlessly, and if so set the ctrsMapTreePath to the rootlessRuntimeDir configured by the libpod rootless library. Fixes: kata-containers#1358 Signed-off-by: Gabi Beyer <gabrielle.n.beyer@intel.com>
|
Any plans to add tests for podman? |
|
@alicefr - we're hoping to convert kata-containers/documentation#565 into both a document and a test (by "executing" the document commands). However, if you have cycles to help write some more comprehensive tests, that would be great! 😄 |
|
@jodh-intel thx!Nice! There are some tests in the podman repo at https://github.com/containers/libpod/tree/master/test. I'm not sure if they can be extended to be used with kata. I'm trying to check if podman+kata works on s390x. I'll have a look after to their testsuite. |
I'm confident integration of Kata into podman is feasible, and we should have a "how-to" guide and some level of automated testing available to ensure the 'how-to' guides' functionality.
Futher, it would be good to evaluate this in the context of running kata rootless. This should be feasible with overlay2, though there would likely be complications wrt devicemapper.
The text was updated successfully, but these errors were encountered: