Podman creation fails

[sehz]

What happened:

Following doc for starting kind on podman:

KIND_EXPERIMENTAL_PROVIDER=podman kind create cluster
using podman due to KIND_EXPERIMENTAL_PROVIDER
enabling experimental podman provider
Cgroup controller detection is not implemented for Podman. If you see cgroup-related errors, you might need to set systemd property "Delegate=yes", see https://kind.sigs.k8s.io/docs/user/rootless/
Creating cluster "kind" ...
 ✓ Ensuring node image (kindest/node:v1.21.1) 🖼 
 ✗ Preparing nodes 📦  
ERROR: failed to create cluster: podman run error: command "podman run --hostname kind-control-plane --name kind-control-plane --label io.x-k8s.kind.role=control-plane --privileged --tmpfs /tmp --tmpfs /run --volume 56dcb311adfa416309a7348d0fbe394ba80ce4267330b95257f6574818b264a3:/var:suid,exec,dev --volume /lib/modules:/lib/modules:ro --detach --tty --net kind --label io.x-k8s.kind.cluster=kind -e container=podman --publish=127.0.0.1:50715:6443/tcp -e KUBECONFIG=/etc/kubernetes/admin.conf kindest/node@sha256:69860bda5563ac81e3c0057d654b5253219618a22ec3a346306239bba8cfa1a6" failed with error: exit status 126
Command Output: Error: error configuring network namespace for container 47704ccffa0ec65232dacc224c606d900f71d08e4e51232bfc43733bab2b3f90: error adding pod kind-control-plane_kind-control-plane to CNI network "kind": failed to list chains: running [/usr/sbin/ip6tables -t nat -S --wait]: exit status 3: modprobe: ERROR: could not insert 'ip6_tables': Operation not permitted
ip6tables v1.8.7 (legacy): can't initialize ip6tables table `nat': Table does not exist (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.

What you expected to happen:

Cluster is being created
How to reproduce it (as minimally and precisely as possible):

• Install latest version of Podman: brew install podmann
• Install latest version of kind: brew install kind

Init Podman:

podman machine init

then install kind:

 KIND_EXPERIMENTAL_PROVIDER=podman kind create cluster

Anything else we need to know?:

This is running Arm64 MacBook Pro:

Environment:

• kind version: (use kind version): kind v0.11.1 go1.17.2 darwin/arm64
• Kubernetes version: (use kubectl version): kubectl version Client Version: version.Info{Major:"1", Minor:"22", GitVersion:"v1.22.3", GitCommit:"c92036820499fedefec0f847e2054d824aea6cd1", GitTreeState:"clean", BuildDate:"2021-10-27T18:34:20Z", GoVersion:"go1.16.10", Compiler:"gc", Platform:"darwin/arm64"}
• Docker version: (use docker info): NA
• OS (e.g. from /etc/os-release):

[aojea]

podman machine is not fully supported in kind until podman solves this issue containers/podman#11528

besides, it seems that the OS inside the podman machine needs to load some kernel modules

Command Output: Error: error configuring network namespace for container 47704ccffa0ec65232dacc224c606d900f71d08e4e51232bfc43733bab2b3f90: error adding pod kind-control-plane_kind-control-plane to CNI network "kind": failed to list chains: running [/usr/sbin/ip6tables -t nat -S --wait]: exit status 3: modprobe: ERROR: could not insert 'ip6_tables': Operation not permitted
ip6tables v1.8.7 (legacy): can't initialize ip6tables table `nat': Table does not exist (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.

[BenTheElder]

This is not a kind bug, this podman command should just work, this is a podman bug which I see Antonio has linked.

[clebio]

fwiw, nothing in the discussion here or containers/podman#11528 helped me solve this (on Linux Mint 20.2, podman 3.4.2). The explainer that I needed was this comment: #2213 (comment)