cli icon indicating copy to clipboard operation
cli copied to clipboard

Published 20 hours ago verified publisher icon fnproject

Unable to launch the server using Podman over Ubuntu Linux 22.04 LTS

Open mansilva opened this issue 1 year ago • 1 comments

Hello,

I was trying to locally setup the Fn Project to develop some functions to deploy to Oracle Cloud but my setup (Ubuntu 22.04 LTS with deamonless and rootless Podman) doesn't seem to work correctly.

My ${HOME}/.fn/config.yaml looks like this:

cli-version: 0.6.24
container-enginetype: podman
current-context: default

Several executions produced distinct errors:

$ fn start
2023/05/31 21:14:30 ¡¡¡ 'fn start' should NOT be used for PRODUCTION !!! see https://github.com/fnproject/fn-helm/
Emulate Docker CLI using podman. Create /etc/containers/nodocker to quiet msg.
Error: statfs /home/msilva/.fn/iofs: no such file or directory
2023/05/31 21:14:30 Error: processed finished with error exit status 125

$ fn start
2023/05/31 21:14:34 ¡¡¡ 'fn start' should NOT be used for PRODUCTION !!! see https://github.com/fnproject/fn-helm/
Emulate Docker CLI using podman. Create /etc/containers/nodocker to quiet msg.
Error: statfs /var/run/docker.sock: permission denied
2023/05/31 21:14:34 Error: processed finished with error exit status 125

$ fn start
2023/05/31 21:14:39 ¡¡¡ 'fn start' should NOT be used for PRODUCTION !!! see https://github.com/fnproject/fn-helm/
Emulate Docker CLI using podman. Create /etc/containers/nodocker to quiet msg.
Error: statfs /home/msilva/.fn/data: no such file or directory
2023/05/31 21:14:39 Error: processed finished with error exit status 125

It seems the root-cause is a system-call to the docker command which, in turn, is a shell script that just calls podman with the same arguments it receives. I hacked it a bit to see which arguments were being passed and got the following:

run --rm -i --name fnserver -v /home/msilva/.fn/iofs:/iofs -e FN_IOFS_DOCKER_PATH=/home/msilva/.fn/iofs -e FN_IOFS_PATH=/iofs -v /home/msilva/.fn/data:/app/data -v /var/run/docker.sock:/var/run/docker.sock --privileged -p 8080:8080 --entrypoint ./fnserver fnproject/fnserver:latest

Some of the problems I don't know how to workaround but when using Podman is there any way to change the socket "volume" to be /run/user/${UID}/podman/podman.sock:/var/run/docker.sock?

Another thing regarding the Podman setup is that it assumes /etc/containers/registries.conf contains at least:

unqualified-search-registries = ["docker.io"]

Otherwise it fails to pull the OCI.

Edit: I tried to launch the server manually by fixing some arguments just to see if there was any chance to make it work with Podman and got this result:

$ podman run --rm -i --name fnserver -v ${HOME}/.fn/iofs:/iofs -e FN_IOFS_DOCKER_PATH=${HOME}/.fn/iofs -e FN_IOFS_PATH=/iofs -v ${HOME}/.fn/data:/app/data -v /run/user/${UID}/podman/podman.sock:/var/run/docker.sock --privileged -p 8080:8080 --entrypoint ./fnserver fnproject/fnserver:latest
time="2023-06-01T01:02:33Z" level=info msg="Setting log level to" fields.level=info
time="2023-06-01T01:02:33Z" level=info msg="Registering data store provider 'sql'"
time="2023-06-01T01:02:33Z" level=info msg="Connecting to DB" url="sqlite3:///app/data/fn.db"
time="2023-06-01T01:02:33Z" level=info msg="datastore dialed" datastore=sqlite3 max_idle_connections=256 url="sqlite3:///app/data/fn.db"
time="2023-06-01T01:02:33Z" level=info msg="agent starting cfg={MinDockerVersion:17.10.0-ce ContainerLabelTag: DockerNetworks: DockerLoadFile: DisableUnprivilegedContainers:false FreezeIdle:50ms HotPoll:200ms HotLauncherTimeout:1h0m0s HotPullTimeout:10m0s HotStartTimeout:5s DetachedHeadRoom:6m0s MaxResponseSize:0 MaxHdrResponseSize:0 MaxLogSize:1048576 MaxTotalCPU:0 MaxTotalMemory:0 MaxFsSize:0 MaxPIDs:50 MaxOpenFiles:0xc420411718 MaxLockedMemory:0xc420411730 MaxPendingSignals:0xc420411738 MaxMessageQueue:0xc420411740 PreForkPoolSize:0 PreForkImage:busybox PreForkCmd:tail -f /dev/null PreForkUseOnce:0 PreForkNetworks: EnableNBResourceTracker:false MaxTmpFsInodes:0 DisableReadOnlyRootFs:false DisableDebugUserLogs:false IOFSEnableTmpfs:false EnableFDKDebugInfo:false IOFSAgentPath:/iofs IOFSMountRoot:/home/msilva/.fn/iofs IOFSOpts: ImageCleanMaxSize:0 ImageCleanExemptTags: ImageEnableVolume:false}"
time="2023-06-01T01:02:33Z" level=info msg="no docker auths from config files found (this is fine)" error="open /root/.dockercfg: no such file or directory"
time="2023-06-01T01:02:33Z" level=fatal msg="docker version error" error="docker version is too old. Required: 17.10.0-ce Found: 3.4.4"

mansilva avatar May 31 '23 20:05 mansilva