podman current support and known issues

[joshua-portainer]

Users will now be able to deploy our portainer agent on podman and connect to that via a portainer instance to manage the podman environment.

Known issues:

App Templates

• Create new container with template – Error “Failure – name or ID cannot be empty”

Container

• Stats (rootless) – Does not work because root privileges are required
• Stats (rootful) – “error”
• Podman-attach - Does not connect automatically
• Recreate container (recreate) – Error “Failure – Unable to re-create container”
• Pause – Only works for root container
• Resume – Only works for root container
• Duplicate / Edit error

Images

• Import – Image is displayed locally with podman images but you can’t start a container with the image

Volumes

• Browse existing volumes -> Does not show any files from the volume. Portainer shows error: Failure - open /var/lib/docker/volumes/NginxTestVolume/_data: no such file or directory

Events

• Content of events : Shows “Unsupported event” as an event. i.e. the creation of a new container is shown as an “unsupported event”

[wzzrd]

Sweet! Is there a roadmap of some sorts which covers these issues?

[joshua-portainer]

Hi @wzzrd,

These are not currently scheduled for a release at this time, But we do see opportunity for these issues to be addressed as we grow our support for all container platforms. We do welcome feedback and contributions around podman.

[LeVraiRoiDHyrule]

Hi, I'm trying to run portainer on podman as root, but I always get the following error : Error: cannot open sd-bus: No such file or directory: OCI not found

This happens when I try to run portainer as root. The command I'm trying is: podman run -d -p 8000:8000 -p 9443:9443 --privileged --name portainer --restart=always -v /var/run/podman/podman.sock:/var/run/docker.sock -v portainer_data:/data docker.io/portainer/portainer-ce:latest

Does someone have a solution ? I found no mention of this error anywhere. I am running this as root on a fresh debian install.

[bnhf]

Hi, I'm trying to run portainer on podman as root, but I always get the following error : Error: cannot open sd-bus: No such file or directory: OCI not found

This happens when I try to run portainer as root. The command I'm trying is: podman run -d -p 8000:8000 -p 9443:9443 --privileged --name portainer --restart=always -v /var/run/podman/podman.sock:/var/run/docker.sock -v portainer_data:/data docker.io/portainer/portainer-ce:latest

Does someone have a solution ? I found no mention of this error anywhere. I am running this as root on a fresh debian install.

@LeVraiRoiDHyrule

This should get you a little further:

podman run -d -p 8000:8000 -p 9000:9000 -p 9443:9443 --privileged --name portainer \
    --restart=always \
    -v /run/podman/podman.sock:/var/run/docker.sock \
    -v portainer_data:/data \
    cr.portainer.io/portainer/portainer-ce:latest

You can eliminate -p 9000 if you don't want http access. Note the difference in the volume mapping of the Podman socket.

[bnhf]

Just trying out Portainer with Podman myself, and I'm seeing a few issues (running as root). "Failure - unable to find bridge plugin" seems to be the most significant, as I'm not able to get any data about my container networks.

Anyone figured out a fix for this?

[LeVraiRoiDHyrule]

Hi, I'm trying to run portainer on podman as root, but I always get the following error : Error: cannot open sd-bus: No such file or directory: OCI not found This happens when I try to run portainer as root. The command I'm trying is: podman run -d -p 8000:8000 -p 9443:9443 --privileged --name portainer --restart=always -v /var/run/podman/podman.sock:/var/run/docker.sock -v portainer_data:/data docker.io/portainer/portainer-ce:latest Does someone have a solution ? I found no mention of this error anywhere. I am running this as root on a fresh debian install.

@LeVraiRoiDHyrule

This should get you a little further:

podman run -d -p 8000:8000 -p 9000:9000 -p 9443:9443 --privileged --name portainer \
    --restart=always \
    -v /run/podman/podman.sock:/var/run/docker.sock \
    -v portainer_data:/data \
    cr.portainer.io/portainer/portainer-ce:latest

You can eliminate -p 9000 if you don't want http access. Note the difference in the volume mapping of the Podman socket.

Thanks for your answer. Unfortunately, I'm still getting the same error with this run command.

[bnhf]

Thanks for your answer. Unfortunately, I'm still getting the same error with this run command.

@LeVraiRoiDHyrule

Are you able to launch other containers using Podman?

[skewty]

Portainer 2.15.1 running on top of up-to-date Fedora Workstation I am experiencing a network name issue.

It seems the name value is referencing the driver field value instead of the name field value. "podman" != "bridge"

wrong name field is used here:

when I click on "bridge" network it shows proper name:

wrong name field is used here:

I am unable to create new containers because it errors out on the network name being invalid.

[tiritto]

I am unable to create new containers because it errors out on the network name being invalid.

Having the exact same issue with podman 4.2.0 and portainer 2.16.2 CE.

[DocMAX]

this error? so i have it too: failed to deploy a stack: Network hello_default Creating Network hello_default Created Container hello-hello_world-1 Creating Container hello-hello_world-1 Created Container hello-hello_world-1 Starting Error response from daemon: plugin type="bridge" failed (add): failed to find plugin "bridge" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin]

[jzapater]

Same problem :(

[unclamped]

Hi, I'm trying to run portainer on podman as root, but I always get the following error : Error: cannot open sd-bus: No such file or directory: OCI not found

This happens when I try to run portainer as root. The command I'm trying is: podman run -d -p 8000:8000 -p 9443:9443 --privileged --name portainer --restart=always -v /var/run/podman/podman.sock:/var/run/docker.sock -v portainer_data:/data docker.io/portainer/portainer-ce:latest

Does someone have a solution ? I found no mention of this error anywhere. I am running this as root on a fresh debian install.

I had the same issue, but I was able to fix it by setting the cgroup manager to cgroupfs: podman run -d -p 8000:8000 -p 9443:9443 --privileged --name portainer --cgroup-manager cgroupfs --restart=always -v /run/podman/podman.sock:/var/run/docker.sock:Z -v portainer_data:/data docker.io/portainer/portainer-ce:latest

[mrozekma]

I am unable to create new containers because it errors out on the network name being invalid.

I worked around this for now by creating a new bridge network named "bridge2". That one shows up with the correct name and appears to work fine.

[MaurUppi]

Hi there

Can't run portainer on CentOS 8-Stream, error msg is "Error: OCI runtime error: runc: runc create failed: mountpoint for devices not found"

[root@centos ~]# uname -a
Linux centos.homelab 4.18.0-500.el8.x86_64 #1 SMP Wed Jun 28 00:07:07 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux

[root@centos ~]# getenforce
Permissive

[root@centos ~]# podman run -d -p 8000:8000 -p 9443:9443 --privileged --name portainer-ce --cgroup-manager cgroupfs --restart=always -v /run/podman/podman.sock:/var/run/docker.sock:Z -v /opt/portainer-ce:/data portainer/portainer-ce:latest
Your kernel does not support pids limit capabilities or the cgroup is not mounted. PIDs limit discarded.
WARN[0000] Failed to add conmon to cgroupfs sandbox cgroup: creating cgroup for cpu: mkdir /sys/fs/cgroup/cpu/libpod_parent: read-only file system
Error: OCI runtime error: runc: runc create failed: **mountpoint for devices not found**

[root@centos ~]# podman run -d -p 8000:8000 -p 9443:9443 --privileged --name portainer-ce --restart=always -v /run/podman/podman.sock:/var/run/docker.sock:Z -v /opt/portainer-ce:/data portainer/portainer-ce:latest
Your kernel does not support pids limit capabilities or the cgroup is not mounted. PIDs limit discarded.
Error: OCI runtime error: runc: runc create failed: **mountpoint for devices not found**

[root@centos ~]# mount | grep cgroup
tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,seclabel,mode=755)
cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,seclabel,xattr,release_agent=/usr/lib/systemd/systemd-cgroups-agent,name=systemd)

[root@centos ~]# ps auxfww | grep podman
root      342504  0.0  0.0  12144  1188 pts/0    S+   11:50   0:00  |       |   \_ grep --color=auto podman
root      307020  0.1  1.1 1627672 67944 ?       Ssl  10:28   0:08 /usr/bin/podman --log-level=info system service

[root@centos ~]# more /proc/307020/cgroup
11:memory:/init.scope
8:devices:/
6:pids:/init.scope
4:cpu,cpuacct:/
2:blkio:/
1:name=systemd:/system.slice/podman.service

Can someone guide me what or which mountpoint is NOT be found? thx!!!

Edited: after changed cgroup to cgrroup v2 and reboot the system grubby --update-kernel=ALL --args="systemd.unified_cgroup_hierarchy=1"

podman run -d -p 8000:8000 -p 9443:9443 --privileged --name portainer-ce --restart=always -v /run/podman/podman.sock:/var/run/docker.sock:Z -v /opt/portainer-ce:/data portainer/portainer-ce:latest

the portainer container is running now.

[root@centos ~]# podman ps -a
CONTAINER ID  IMAGE                                    COMMAND     CREATED        STATUS        PORTS                                           NAMES
48f4addc5dcd  docker.io/portainer/portainer-ce:latest              4 minutes ago  Up 4 minutes  0.0.0.0:8000->8000/tcp, 0.0.0.0:9443->9443/tcp  portainer-ce