search

containers / podman

Podman: A tool for managing OCI containers and pods.
https://podman.io
Apache License 2.0
23.4k stars 2.38k forks source link

Running Podman under crun OCI runtime does not work #21959

Closed krahimza closed 7 months ago

krahimza commented 7 months ago

Issue Description

I am referencing this discussion: https://github.com/containers/podman/discussions/21750

I am filling a bug report on behalf of my manager and CyberArk.

I will be as clear as possible to describe the issue below.

What am I trying to do:

I am trying to run the HTML5 Gateway CyberArk solution with podman as docker is not supported anymore.

CyberArk documentation: https://docs.cyberark.com/pam-self-hosted/13.0/en/Content/PAS%20INST/Install_PSM_HTML5_Docker.htm?tocpath=Installation%7CInstall%20PAM%20-%20Self-Hosted%7CInstall%20PSM%7CAdvanced%20PSM%20Implementations%7CInstall%20PSM%20HTML5%20Gateway%7C_____1

What am I running this on:

Context

I am running a podman container on my RHEL 8.6 server. This container is to be monitored by the Dynatrace monitoring tool. The issue that they are facing is that they cannot do a full-stack monitoring of the Tomcat processes, they have investigated this issue from their side and found out that Podman needs to be configured to use 'crun' runtime instead of 'runc' as seen below:

image

As I looked up on how to change the runtime from runc to crun, I found the configuration file under /usr/share/containers/containers.conf path in order to achieve this, and subsequently changed the OCI runtime from runc to crun.

image

Next, I attempted to retrieve the status of the running Podman containers, but encountered the following error:

image

After that I created a podman post, in order to seek a resolution for this issue, I got the feedback below:

image

Further, I looked up on how to install crun on RHEL 8 following the instructions on this page Complete Guide: Installing and Uninstalling crun.x86_64 on CentOS 8 / RHEL 8 (linux-packages.com) but ended up with the error below:

image

I checked that there are multiple log files with different timestamps as seen below, I also got the size of the directory along with the total occupied size in that directory, I have also checked that there is enough space on this location:

image

I am expecting with the pre-installed Podman package to already have the compatibility for crun and no manual intervention is needed.

Steps to reproduce the issue

Steps to reproduce the issue 1.Have the container running 2.Navigate to /usr/share/containers/ path 3.Edit containers.conf with the following data and leave the rest as default:

# Default OCI runtime
#
runtime = "crun"
# runtime = "runc"

4.Save the changes and exit the configuration file editor 5.Execute podman ps

The following error is now displayed:

Error: default OCI runtime "crun" not found: invalid argument

Describe the results you received

Error: default OCI runtime "crun" not found: invalid argument

Describe the results you expected

\CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 03c0cc102b0f localhost/cahtml5gw:13_2_1_1 3 months ago Up 3 months 0.0.0.0:443->8443/tcp xxxxxxx.xxx.xxx

podman info output

podman version= 4.6.1
Operating System= RHEL 8.6 Oopta
Architecture= VMware

Podman in a container

No

Privileged Or Rootless

Privileged

Upstream Latest Release

No

Additional environment details

N/A

Additional information

N/A

baude commented 7 months ago

all rhel related bugs should be filed via official rhel bug reporting mechanisms fwiw ...

giuseppe commented 7 months ago

I am closing the issue since there is nothing we can do upstream.

You need to install the crun package, i.e. run yum install crun, before you are able to use it from Podman