Right now hooks that do mount magic do not work, because crun and podman will try to stat the source volume before even running hooks.
Refs:
Hopefully this will work in the future. For now below are the steps to test the hooks.
This is all being done inside the podman machine on a macbook.
So busybox doesn't have everything that is needed to live life in initramfs. Whatever, it doesn't matter.
Builds can be done inside podman run --rm -it --name builder-box alpine
apk add -U build-base curl
curl -LO https://mirrors.edge.kernel.org/pub/linux/kernel/people/tytso/e2fsprogs/v1.46.4/e2fsprogs-1.46.4.tar.gz
tar -xzf e2fsprogs-1.46.4.tar.gz
cd e2fsprogs-1.46.4
Based on reading this, it's wrong about the path /etc/containers/oci/hooks.d. I assume /usr/share/containers/oci/hooks.d works because of output from podman --help but I'm testing this in the podman machine, which that path is read-only (that is why I'm testing the way I am).
This is all being done inside the podman machine on a macbook.
$ podman machine init
$ podman machine start
$ podman machine ssh
| // A small SSH daemon providing bash sessions | |
| // | |
| // Server: | |
| // cd my/new/dir/ | |
| // #generate server keypair | |
| // ssh-keygen -t rsa | |
| // go get -v . | |
| // go run sshd.go | |
| // | |
| // Client: |
| package main | |
| import ( | |
| "fmt" | |
| "log" | |
| "reflect" | |
| ) | |
| // a map of functions to be dynamically called... | |
| var funcMap = make(map[string]interface{}) |
Sometimes JSON maps are not perfect, so you must transform the data as it is being marshalled and unmarshalled to fit in Go.
This example implements MarshalJSON() and UnmarshalJSON() on a struct to remap json fields as needed to fit the struct.
With Docker Desktop becoming more restricted, I've decided to move on to just using minikube. In doing so, I've consolidated my notes as follows.
Use brew to install the docker cli and minikube.
$ brew install minikube docker kubectl hyperkit
The first time you start minikube, you should specify any settings you desire.
In my storage quests, I finally decided I want to lazily use S3 for ReadWriteMany and to do do some experiments with.
There are a few options, but to save you some time if you just want what I landed on, I like csi-s3.
Well... this works great! The only problem was that it needed security privileges for mounting. That would be terrible if a container with this power got compromised, so I immediately moved on to getting this a layer away from being managed in-pod.
My initial plan was to just use the nfs-subdir-external-provisioner on top of a multi-replica S3 backed deployment of NFS Ganesha.
This script just sets up a single Ubuntu 20.04LTS server with Kubernetes for testing purposes.
curl -sL https://gist.githubusercontent.com/protosam/ecb00654023114d04f07c0d484d2d185/raw/4ec67760e1870da86674391ccb3d5455401a55fc/k8s-setup.sh | bash
I don't understand why livepony.py works and deadpony.py results in error. This shouldn't matter.
$ python3 deadpony.py
Traceback (most recent call last):
File "deadpony.py", line 8, in <module>
class AuthToken(db.Entity):
File "deadpony.py", line 10, in AuthToken
user_uuid = orm.Required(uuid.UUID)
AttributeError: 'PrimaryKey' object has no attribute 'UUID'