Open q2dg opened 4 years ago
@grossmj @q2dg any progress with this? I wouldn't worry about security with Docker, the whole rootless point is good but up to the point when you really trust the product and the code. Docker is pretty mature to be trusted enough for GNS3. The main issue is compatibility on: RHEL 8+ Fedora 33+ CentOS 8+ Oracle Enterprise Linux 8+ ....
Which I use all the above.
Yes, after more than two years without any official response, this compatibility issue starts to be a blocking one,
It almost works.
But at the moment podman will always create network interfaces in the container, even when requested not to do so. This prevents ubridge from moving interfaces to the container's namespace & renaming them, since they already exist with the same name inside the container. This is a podman issue, not a GNS3 issue.
With regards to security, it's completely independent of wether one uses Docker or Podman, as GNS3 currently requires the containers to be rootfull anyway (also see #1944).
does this include podman.socket needed?
Does this normal when we see this problem on the container for starting?
@benyaminl that error message is misleading (the GNS3 GUI thinks the container's stdout error message is related, but it's not). The process fails earlier, as described in my previous message.
You have to use docker for the time being.
@rb83 So sad :')
Thanks for clear things up.. Probably I will use full Qemu VM for now. Thank you!
Well, it seems bad Podman's behaviour, which was a no-go in this issue until resolved, is finally resolved: https://github.com/containers/podman/issues/16716
@q2dg have you test it on newest GNS3? Does it work?
Not yet. I'll update this thread with new information when I get it
Still same /etc/hosts issue looks like
I'm waiting to new Podman's v.5.0, where there are some changes in its internal network stack. When released I'll give feedback
still getting this issue. even with a rootful podman with the socket over at /run/podman/podman.sock
Hey! So through the closed ticket, it seems to me we need to run the container with --no-hosts, is there a way to configure how gns starts or creates docker contaienrs, want to create one with --no-hosts, or use --add-host=host:ip instead of sed-ing
Hello. Have you considered Podman container support? Its API is very similar to Docker's one. I would be great for running Gns3 in RedHat/Fedora/CentOS hosts, where Docker isn't officially available. Furthermore, it increases the security of all. Thanks!