See coreos/fedora-coreos-tracker#396 (comment) for a bit of explanation.
Warning: The script will trigger warning messages in the systemd journal log that look like this:
systemd[1]: sshd.service: Found left-over process 4270 (conmon) in control group while starting unit. Ignoring.
systemd[1]: This usually indicates unclean termination of a previous run, or service implementation deficiencies.
This is probably a side effect of the script booting up podman containers to run semanage
- I don't know how to get rid of this properly if it's possible at all but I think this can be ignored for now.
SSH daemon can take quite a long while to start for the first time due to the one-time image build.
Hello!
Thanks to your great solution, but I found out this might cause some issue with Calico and Kubernetes.
Refers to This issue I opened. Seems like in the default auto IP dectect mode (first-found), there is a good chance that calico will found IP address from interface podman0 which left over after the container running.
There is no need for this container running with network so maybe we could run it with Slirp4netns mode (Could we do that on a Root container?) or could podman run contianer without network? I don't whink we could delete the netbridge after cause then we have to set the kubernetes service run after this service with might take long time to finish.