Last active
October 7, 2021 16:46
-
-
Save kanaka/950e307e1c8c9ccbea70de04d0267894 to your computer and use it in GitHub Desktop.
podman non-deterministic /sys mounting behavior bug (https://github.com/containers/podman/issues/11887)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM ubuntu:20.04 as base | |
| RUN apt-get -y update | |
| RUN apt-get -y install iproute2 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| #mount | |
| echo "creating ns1" | |
| ip netns add ns1 | |
| echo "listing namespaces" | |
| ip netns ls | |
| echo "netns exec into ns1" | |
| ip netns exec ns1 ip link |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -e | |
| IMAGE_NAME="${IMAGE_NAME:-podman-netns-debug}" | |
| CMD="${CMD:-/test-ns.sh}" | |
| PODMAN="${PODMAN:-podman}" | |
| extra_mounts= | |
| for m in "${@}"; do | |
| mkdir -p $(pwd)/tmp/$m | |
| extra_mounts="${extra_mounts} -v $(pwd)/tmp/$m:/var/run/$m:ro" | |
| done | |
| #${PODMAN} version | |
| ${PODMAN} run --rm -it \ | |
| --cap-add SYS_ADMIN \ | |
| -v $(pwd)/test-ns.sh:/test-ns.sh:ro \ | |
| -v $HOME/.local/share/containers/storage/overlay:/overlay:ro \ | |
| ${extra_mounts} \ | |
| ${IMAGE_NAME} \ | |
| ${CMD} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ podman build -t podman-netns-debug . | |
| STEP 1/3: FROM ubuntu:20.04 AS base | |
| STEP 2/3: RUN apt-get -y update | |
| --> Using cache 36013c707a11619351ddc6077eee29cb623b178d268b2dccf3ca5a721eca6360 | |
| --> 36013c707a1 | |
| STEP 3/3: RUN apt-get -y install iproute2 | |
| --> Using cache d818129262fdcafc0f4a2e1c0c06be71bab1546cdb904e88b0f62dd060478c02 | |
| COMMIT podman-netns-debug | |
| --> d818129262f | |
| Successfully tagged localhost/podman-netns-debug:latest | |
| d818129262fdcafc0f4a2e1c0c06be71bab1546cdb904e88b0f62dd060478c02 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ ./test.sh foo bar | |
| creating ns1 | |
| listing namespaces | |
| ns1 | |
| netns exec into ns1 | |
| 1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN mode DEFAULT group default qlen 1000 | |
| link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ ./test.sh foo bar | |
| creating ns1 | |
| listing namespaces | |
| ns1 | |
| netns exec into ns1 | |
| mount of /sys failed: Operation not permitted |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment