search

NBISweden / ejprd

1 stars 0 forks source link

Enhance instructions / configurations for compatibility with Podman #8

Closed wna-se closed 7 months ago

wna-se commented 8 months ago

There are some differences in default configurations and available features across Podman and Docker. This issue will collect reflections and workarounds to make the instructions work on Podman.

Background

Originally posted by @wna-se in https://github.com/NBISweden/ejprd/issues/6#issuecomment-2025542134

I managed to get it running by changing some of the configurations and disabling some of the health checks. A summary of my “hacks” in hopes of finding better solutions. Also, is there a particular reason for using the host network?

rabbitmq

Need to run as user rabbitmq to avoid the permission related issue from my first comment and the health check always fails for some reason (running the same command in the container itself using compose exec rabbitmq is successful). I also named the volume defined in the rabbitmq base Docker file.

Edit: Seems like reformatting the value for healthcheck test solves the problem for Podman, e.g. test: rabbitmq-diagnostics -q check_running && rabbitmq-diagnostics -q check_local_alarms

services:
  rabbitmq:
    extends:
      file: docker-compose.yml
      service: rabbitmq
    volumes:
      - rabbitmq:/var/lib/rabbitmq
    user: rabbitmq
    healthcheck:
      test: rabbitmq-diagnostics -q check_running && rabbitmq-diagnostics -q check_local_alarms

volumes:
  rabbitmq:

s3inbox, download, oidc

Removed the extra_hosts section relying on the host-gateway keyword since it’s not available in Podman and instead set the environment variable DOCKERHOST=host.containers.internal to access the host network directly. I made the changes in the docker-compose.yml file since I didn’t find a way to override it in the docker-compose-demo.yml.

oidc

Health check always fails for some reason (running the same command in the container itself using compose exec oidc is successful), e.g. test: [ "CMD", "sh", "-c", "true" ].

Edit: Seems like reformatting the value for healthcheck test solves the problem for Podman, e.g. test: python3 -c 'import requests; print(requests.get(url = "https://localhost:8080/jwk", verify="/shared/cert/ca.crt").text)'

wna-se commented 8 months ago

After reading up on the changes made to docker compose over the last few years I found that you can override extra_hosts (and any other key) like this: extra_hosts: !override []

wna-se commented 7 months ago

It seems like the issue related to formatting the healthcheck.test command relates to the fact that the docker-compose implementation interacts with an API that is not directly supported by Podman. The podman-compose implementation supposably supports the healthcheck syntax but does not support the version required to support the extends in combination with depends_on.

wna-se commented 7 months ago

Solved by #13