Open q2dg opened 4 years ago
elico
commented
2 years ago @grossmj @q2dg any progress with this? I wouldn't worry about security with Docker, the whole rootless point is good but up to the point when you really trust the product and the code. Docker is pretty mature to be trusted enough for GNS3. The main issue is compatibility on: RHEL 8+ Fedora 33+ CentOS 8+ Oracle Enterprise Linux 8+ ....
Which I use all the above.
q2dg
commented
1 year ago Yes, after more than two years without any official response, this compatibility issue starts to be a blocking one,
rb83
commented
1 year ago It almost works.
But at the moment podman will always create network interfaces in the container, even when requested not to do so. This prevents ubridge from moving interfaces to the container's namespace & renaming them, since they already exist with the same name inside the container. This is a podman issue, not a GNS3 issue.
With regards to security, it's completely independent of wether one uses Docker or Podman, as GNS3 currently requires the containers to be rootfull anyway (also see #1944).
benyaminl
commented
1 year ago does this include podman.socket needed?
Does this normal when we see this problem on the container for starting?
rb83
commented
1 year ago @benyaminl that error message is misleading (the GNS3 GUI thinks the container's stdout error message is related, but it's not). The process fails earlier, as described in my previous message.
You have to use docker for the time being.
benyaminl
commented
1 year ago @rb83 So sad :')
Thanks for clear things up.. Probably I will use full Qemu VM for now. Thank you!
q2dg
commented
1 year ago Well, it seems bad Podman's behaviour, which was a no-go in this issue until resolved, is finally resolved: https://github.com/containers/podman/issues/16716
benyaminl
commented
1 year ago @q2dg have you test it on newest GNS3? Does it work?
q2dg
commented
1 year ago Not yet. I'll update this thread with new information when I get it
RushingAlien
commented
11 months ago Still same /etc/hosts issue looks like
q2dg
commented
10 months ago I'm waiting to new Podman's v.5.0, where there are some changes in its internal network stack. When released I'll give feedback
RushingAlien
commented
3 weeks ago still getting this issue. even with a rootful podman with the socket over at /run/podman/podman.sock
RushingAlien
commented
3 weeks ago Hey! So through the closed ticket, it seems to me we need to run the container with --no-hosts, is there a way to configure how gns starts or creates docker contaienrs, want to create one with --no-hosts, or use --add-host=host:ip instead of sed-ing
Hello. Have you considered Podman container support? Its API is very similar to Docker's one. I would be great for running Gns3 in RedHat/Fedora/CentOS hosts, where Docker isn't officially available. Furthermore, it increases the security of all. Thanks!