-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Compatability with docker client #11668
Comments
@jwhonce PTAL |
Are you sure podman is configured to listen on /run/docker.sock? |
When using the docker client, it needs the (real)
You can see when running the client with the $ export DOCKER_HOST=ssh://root@localhost:35125
$ docker -D version
DEBU[0000] commandconn: starting ssh with [-l root -p 35125 -- localhost docker system dial-stdio] But then you can ask it to talk to the podman socket, by setting the $DOCKER_HOST in the bashrc. $ ssh -l root -p 35125 localhost 'echo $DOCKER_HOST'
unix:///run/podman/podman.sock |
I think this is enough info to allow me to close. Reopen if I am mistaken. |
Would it be feasible to implement
Then again, CoreOS already includes So docker clients work with |
Anything is possible, just need volunteers. |
@afbjorklund
|
I think
As mentioned, you also need to set $DOCKER_HOST to the podman socket. Or you will get error:
|
I think that |
I don't know why they do it that way when it can be tunneled purely in |
Although |
Do tools other then Docker client require |
I cannot tell. From what I've seen it's only |
@jeremy-chua I think that once you install |
@rhatdan docker-py ("pip install docker") also requires https://github.com/docker/docker-py/blob/master/docker/transport/sshconn.py#L46 The other SDK don't support Thus the need to continue with the i.e. PR #11643 |
btw I just tried to replace #/bin/bash
socat - /run/user/1000/podman/podman.sock and it worked 😄 |
The recommendation was to set rootless podman for ~core and root podman for ~root. Less surprises, that way: #11643 (comment) You need to do the same kind of configuration, in order to run rootless docker over ssh: https://docs.docker.com/engine/security/rootless/#expose-docker-api-socket-through-ssh |
I think |
quite likely |
See https://docs.docker.com/engine/release-notes/18.09/#18090 and
|
thanks guys!!! honestly, i had a hard time getting rootless podman with cgroup2 to work. I needed to limit resource for containers. will explore further once i have more time. :) |
Anyone interested in opening a PR for |
I'll reopen and tag as a feature for adding that command. |
There was a long story: moby/moby#33566 (comment)
|
Adding dial-stdio CLI cmd Signed-off-by: Jake Parks <[email protected]> Made dial-stdio URI configurable Slight refactors Signed-off-by: Jake Parks <[email protected]> Added simple test for existence of `podman system dial-stdio` command Fix 'system dial-stdio' integration tests Changed link in comment to permalink
Should we keep this ticket opened in order also to cover the changes needed to simplify the life of the macos, windows users when they will access the 1. Cannot connect to the docker daemon
2. Host key verification failed
3. unrecognized command
|
I'm also getting the same error when I try to create a kind k8s cluster (= container) using the docker daemon running within the podman VM (= fed34)
|
@cmoulliard I believe there is already merged PR implementing dial-stdio #11819. Furthermore @n1hility is working on automatic socket tunneling containers/gvisor-tap-vsock#58. |
And I am working on support of ssh connections in |
workaround: if ! which docker; then
docker () {
if [ "$1" = "system" ] && [ "$2" = "dial-stdio" ]; then
if [ "$3" = "--help" ]; then
echo "\nProxy the stdio stream to the daemon connection."
exit 0
else
exec socat - "/run/user/1000/podman/podman.sock"
fi
fi
exec podman $@
}
fi into VM's |
I got an error as
cat the file
The problem is still there even using the workaround VM
From laptop
|
Problem of the workaround fixed
REMARK: For On the laptop
|
you might want to change the line for root's .bashrc to |
I updated my comment |
@cmoulliard : as discussed in chat, to get the address of a The relationship between the two commands is not that obvious, and it is only the name that links them together. $ podman4 machine list
NAME VM TYPE CREATED LAST UP CPUS MEMORY DISK SIZE
podman-machine-default* qemu 39 hours ago Currently running 1 2.147GB 10.74GB
$ podman4 system connection ls
Name Identity URI
podman-machine-default* /home/anders/.ssh/podman-machine-default ssh://core@localhost:44133/run/user/1000/podman/podman.sock
podman-machine-default-root /home/anders/.ssh/podman-machine-default ssh://root@localhost:44133/run/podman/podman.sock You can also see the command in the debug log: $ podman4 --log-level debug machine ssh
INFO[0000] podman4 filtering at log level debug
...
DEBU[0000] Executing: ssh [-i /home/anders/.ssh/podman-machine-default -p 44133 core@localhost -o UserKnownHostsFile /dev/null -o StrictHostKeyChecking no]
Warning: Permanently added '[localhost]:44133' (ECDSA) to the list of known hosts.
... There you also see the other needed ssh config... However, that warning at the end is a bug. It needs some additional configuration to the ssh command, to hide it.
|
Pardon me if its the wrong channel to ask this question.
I installed podman on Centos 8 steam using the command
Here's the output of docker version
I have a docker client on a windows which i added a context with ssh
The docker client version is
I got this error when executing docker --context remote ps
error during connect: Get "http://docker.example.com/v1.24/version": command [ssh -l admin -- 192.168.1.121 docker system dial-stdio] has exited with exit status 125, please make sure the URL is valid, and Docker 18.09 or later is installed on the remote host: stderr=Error: unrecognized command
podman system dial-stdio
Try 'podman system --help' for more information.
Any comments will be greatly appreciated
The text was updated successfully, but these errors were encountered: