containers / podman

Podman: A tool for managing OCI containers and pods.
https://podman.io
Apache License 2.0

Podman Machine VM config does not get created when an Ignition file is provided #23544

Open cheesesashimi opened 3 months ago

cheesesashimi commented 3 months ago

Issue Description

Whenever the --ignition-path argument is provided to podman machine init, Podman silently fails to write the <machine-name>.json config file. If I add the --now flag or when I try to run podman machine start <machine-name>, I get the following error:

$ podman machine init --ignition-path=./ignition.json
Looking up Podman Machine image at quay.io/podman/machine-os:5.1 to create VM
Extracting compressed file: podman-machine-default-amd64.qcow2: done  
Machine init complete
To start your machine run:

    podman machine start

$ podman machine start
Error: podman-machine-default: VM does not exist
$ podman version
podman version           
Client:       Podman Engine
Version:      5.1.2
API Version:  5.1.2
Go Version:   go1.22.5
Built:        Tue Jul  9 20:00:00 2024
OS/Arch:      linux/amd64
$ rpm -q podman                     
podman-5.1.2-1.fc40.x86_64

Steps to reproduce the issue

  1. Create a new Podman machine VM by running the following command: podman machine init --ignition-path=./ignition.json.
  2. Try to start the newly created VM by running podman machine start.

Describe the results you received

Whenever I run podman machine init --ignition-path=./ignition.json, it fails to create the podman-machine-default.json and podman-machine-default.ign files. Running this with --log-level=debug below provides the following output:

$ podman machine init --log-level=debug --ignition-path=./ignition.json                                                    
INFO[0000] podman filtering at log level debug          
DEBU[0000] Using Podman machine with `qemu` virtualization provider 
DEBU[0000] socket length for /home/zzlotnik/.config/containers/podman/machine/qemu is 53 
DEBU[0000] socket length for /home/zzlotnik/.local/share/containers/podman/machine/qemu is 58 
DEBU[0000] socket length for /home/zzlotnik/.local/share/containers/podman/machine/qemu/cache is 64 
DEBU[0000] socket length for /run/user/4201110/podman is 24 
DEBU[0000] socket length for /home/zzlotnik/.config/containers/podman/machine/qemu is 53 
DEBU[0000] socket length for /home/zzlotnik/.local/share/containers/podman/machine/qemu is 58 
DEBU[0000] socket length for /home/zzlotnik/.local/share/containers/podman/machine/qemu/cache is 64 
DEBU[0000] socket length for /run/user/4201110/podman is 24 
DEBU[0000] socket length for /home/zzlotnik/.config/containers/podman/machine/qemu/podman-machine-default.json is 81 
DEBU[0000] socket length for /home/zzlotnik/.local/share/containers/podman/machine/qemu/podman-machine-default-amd64.qcow2 is 93 
Looking up Podman Machine image at quay.io/podman/machine-os:5.1 to create VM
DEBU[0000] Using registries.d directory /etc/containers/registries.d 
DEBU[0000] Loading registries configuration "/etc/containers/registries.conf" 
DEBU[0000] Loading registries configuration "/etc/containers/registries.conf.d/000-shortnames.conf" 
DEBU[0000] Trying to access "quay.io/podman/machine-os:5.1" 
DEBU[0000] No credentials matching quay.io/podman/machine-os found in /run/user/4201110/containers/auth.json 
DEBU[0000] No credentials matching quay.io/podman/machine-os found in /home/zzlotnik/.config/containers/auth.json 
DEBU[0000] Found credentials for quay.io/podman/machine-os in credential helper containers-auth.json in file /home/zzlotnik/.docker/config.json 
DEBU[0000]  No signature storage configuration found for quay.io/podman/machine-os:5.1, using built-in default file:///home/zzlotnik/.local/share/containers/sigstore 
DEBU[0000] Looking for TLS certificates and private keys in /etc/docker/certs.d/quay.io 
DEBU[0000] GET https://quay.io/v2/                      
DEBU[0000] Ping https://quay.io/v2/ status 401          
DEBU[0000] GET https://quay.io/v2/auth?account=openshift-release-dev%2Bocm_access_3c86cce4fb174674907b20918236684f&scope=repository%3Apodman%2Fmachine-os%3Apull&service=quay.io 
DEBU[0000] Increasing token expiration to: 60 seconds   
DEBU[0000] GET https://quay.io/v2/podman/machine-os/manifests/5.1 
DEBU[0000] Content-Type from manifest GET is "application/vnd.oci.image.index.v1+json" 
DEBU[0000] found image in digest: "sha256:c11f0868f26fa4dfa2a0b20c4bb7fa47834e103a4c5bc097fc2ea1b7c261a6b5" 
DEBU[0000] GET https://quay.io/v2/podman/machine-os/manifests/sha256:c11f0868f26fa4dfa2a0b20c4bb7fa47834e103a4c5bc097fc2ea1b7c261a6b5 
DEBU[0000] Content-Type from manifest GET is "application/vnd.oci.image.manifest.v1+json" 
DEBU[0000] original artifact file name: podman-machine-daily.x86_64.qemu.qcow2.zst 
DEBU[0000] GET https://quay.io/v2/podman/machine-os/manifests/sha256:c11f0868f26fa4dfa2a0b20c4bb7fa47834e103a4c5bc097fc2ea1b7c261a6b5 
DEBU[0000] Content-Type from manifest GET is "application/vnd.oci.image.manifest.v1+json" 
DEBU[0000] original artifact file name: podman-machine-daily.x86_64.qemu.qcow2.zst 
DEBU[0000] socket length for /home/zzlotnik/.local/share/containers/podman/machine/qemu/cache/c11f0868f26fa4dfa2a0b20c4bb7fa47834e103a4c5bc097fc2ea1b7c261a6b5.qcow2.zst is 139 
DEBU[0000] cached image exists and is latest: /home/zzlotnik/.local/share/containers/podman/machine/qemu/cache/c11f0868f26fa4dfa2a0b20c4bb7fa47834e103a4c5bc097fc2ea1b7c261a6b5.qcow2.zst 
DEBU[0000] Detected compression format zstd             
Extracting compressed file: podman-machine-default-amd64.qcow2: done  
DEBU[0002] --> imagePath is "/home/zzlotnik/.local/share/containers/podman/machine/qemu/podman-machine-default-amd64.qcow2" 
DEBU[0002] socket length for /home/zzlotnik/.config/containers/podman/machine/qemu/podman-machine-default.ign is 80 
Machine init complete
To start your machine run:

    podman machine start

DEBU[0002] Called machine init.PersistentPostRunE(podman machine init --log-level=debug --ignition-path=./ignition.json) 
DEBU[0002] Shutting down engines                        

Trying to start the machine, I get the following output:

$ podman machine start --log-level=debug                                                     
INFO[0000] podman filtering at log level debug          
DEBU[0000] Using Podman machine with `qemu` virtualization provider 
DEBU[0000] socket length for /home/zzlotnik/.config/containers/podman/machine/qemu is 53 
DEBU[0000] socket length for /home/zzlotnik/.local/share/containers/podman/machine/qemu is 58 
DEBU[0000] socket length for /home/zzlotnik/.local/share/containers/podman/machine/qemu/cache is 64 
DEBU[0000] socket length for /run/user/4201110/podman is 24 
DEBU[0000] socket length for /home/zzlotnik/.config/containers/podman/machine/qemu/podman-machine-default.json is 81 
Error: podman-machine-default: VM does not exist
DEBU[0000] Shutting down engines

Neither the podman-machine-default.json file nor the podman-machine-default.ign file was created:

$ stat "$HOME/.config/containers/podman/machine/qemu/podman-machine-default.json"
stat: cannot statx '/home/zzlotnik/.config/containers/podman/machine/qemu/podman-machine-default.json': No such file or directory

$ stat "$HOME/.config/containers/podman/machine/qemu/podman-machine-default.ign"
stat: cannot statx '/home/zzlotnik/.config/containers/podman/machine/qemu/podman-machine-default.ign': No such file or directory

By comparison, omitting the --ignition-path flag yields the following normal behaviors:

$ podman machine init --log-level=debug                                
INFO[0000] podman filtering at log level debug          
DEBU[0000] Using Podman machine with `qemu` virtualization provider 
DEBU[0000] socket length for /home/zzlotnik/.config/containers/podman/machine/qemu is 53 
DEBU[0000] socket length for /home/zzlotnik/.local/share/containers/podman/machine/qemu is 58 
DEBU[0000] socket length for /home/zzlotnik/.local/share/containers/podman/machine/qemu/cache is 64 
DEBU[0000] socket length for /run/user/4201110/podman is 24 
DEBU[0000] socket length for /home/zzlotnik/.config/containers/podman/machine/qemu is 53 
DEBU[0000] socket length for /home/zzlotnik/.local/share/containers/podman/machine/qemu is 58 
DEBU[0000] socket length for /home/zzlotnik/.local/share/containers/podman/machine/qemu/cache is 64 
DEBU[0000] socket length for /run/user/4201110/podman is 24 
DEBU[0000] socket length for /home/zzlotnik/.config/containers/podman/machine/qemu/podman-machine-default.json is 81 
DEBU[0000] socket length for /home/zzlotnik/.local/share/containers/podman/machine/qemu/podman-machine-default-amd64.qcow2 is 93 
Looking up Podman Machine image at quay.io/podman/machine-os:5.1 to create VM
DEBU[0000] Using registries.d directory /etc/containers/registries.d 
DEBU[0000] Loading registries configuration "/etc/containers/registries.conf" 
DEBU[0000] Loading registries configuration "/etc/containers/registries.conf.d/000-shortnames.conf" 
DEBU[0000] Trying to access "quay.io/podman/machine-os:5.1" 
DEBU[0000] No credentials matching quay.io/podman/machine-os found in /run/user/4201110/containers/auth.json 
DEBU[0000] No credentials matching quay.io/podman/machine-os found in /home/zzlotnik/.config/containers/auth.json 
DEBU[0000] Found credentials for quay.io/podman/machine-os in credential helper containers-auth.json in file /home/zzlotnik/.docker/config.json 
DEBU[0000]  No signature storage configuration found for quay.io/podman/machine-os:5.1, using built-in default file:///home/zzlotnik/.local/share/containers/sigstore 
DEBU[0000] Looking for TLS certificates and private keys in /etc/docker/certs.d/quay.io 
DEBU[0000] GET https://quay.io/v2/                      
DEBU[0000] Ping https://quay.io/v2/ status 401          
DEBU[0000] GET https://quay.io/v2/auth?account=openshift-release-dev%2Bocm_access_3c86cce4fb174674907b20918236684f&scope=repository%3Apodman%2Fmachine-os%3Apull&service=quay.io 
DEBU[0000] Increasing token expiration to: 60 seconds   
DEBU[0000] GET https://quay.io/v2/podman/machine-os/manifests/5.1 
DEBU[0000] Content-Type from manifest GET is "application/vnd.oci.image.index.v1+json" 
DEBU[0000] found image in digest: "sha256:c11f0868f26fa4dfa2a0b20c4bb7fa47834e103a4c5bc097fc2ea1b7c261a6b5" 
DEBU[0000] GET https://quay.io/v2/podman/machine-os/manifests/sha256:c11f0868f26fa4dfa2a0b20c4bb7fa47834e103a4c5bc097fc2ea1b7c261a6b5 
DEBU[0000] Content-Type from manifest GET is "application/vnd.oci.image.manifest.v1+json" 
DEBU[0000] original artifact file name: podman-machine-daily.x86_64.qemu.qcow2.zst 
DEBU[0000] GET https://quay.io/v2/podman/machine-os/manifests/sha256:c11f0868f26fa4dfa2a0b20c4bb7fa47834e103a4c5bc097fc2ea1b7c261a6b5 
DEBU[0000] Content-Type from manifest GET is "application/vnd.oci.image.manifest.v1+json" 
DEBU[0000] original artifact file name: podman-machine-daily.x86_64.qemu.qcow2.zst 
DEBU[0000] socket length for /home/zzlotnik/.local/share/containers/podman/machine/qemu/cache/c11f0868f26fa4dfa2a0b20c4bb7fa47834e103a4c5bc097fc2ea1b7c261a6b5.qcow2.zst is 139 
DEBU[0000] cached image exists and is latest: /home/zzlotnik/.local/share/containers/podman/machine/qemu/cache/c11f0868f26fa4dfa2a0b20c4bb7fa47834e103a4c5bc097fc2ea1b7c261a6b5.qcow2.zst 
Extracting compressed file: podman-machine-default-amd64.qcow2 [------------------------------------------------------------------------------] 0.0b / 1013.4MiB
Extracting compressed file: podman-machine-default-amd64.qcow2: done  
DEBU[0003] --> imagePath is "/home/zzlotnik/.local/share/containers/podman/machine/qemu/podman-machine-default-amd64.qcow2" 
DEBU[0003] socket length for /home/zzlotnik/.config/containers/podman/machine/qemu/podman-machine-default.ign is 80 
DEBU[0004] socket length for /run/user/4201110/podman/qmp_podman-machine-default.sock is 56 
DEBU[0004] socket length for /run/user/4201110/podman/podman-machine-default_vm.pid is 54 
Image resized.
DEBU[0004] writing ignition file to "/home/zzlotnik/.config/containers/podman/machine/qemu/podman-machine-default.ign" 
DEBU[0004] writing configuration file "/home/zzlotnik/.config/containers/podman/machine/qemu/podman-machine-default.json" 
Machine init complete
To start your machine run:

    podman machine start

DEBU[0004] Called machine init.PersistentPostRunE(podman machine init --log-level=debug) 
DEBU[0004] Shutting down engines 

When this happens, I can start the Podman VM normally. Additionally, I can see that the config files were created as expected:

$ stat "$HOME/.config/containers/podman/machine/qemu/podman-machine-default.json"
  File: /home/zzlotnik/.config/containers/podman/machine/qemu/podman-machine-default.json
  Size: 1005        Blocks: 8          IO Block: 4096   regular file
Device: 0,41    Inode: 55574089    Links: 1
Access: (0644/-rw-r--r--)  Uid: (4201110/zzlotnik)   Gid: (4201110/zzlotnik)
Context: unconfined_u:object_r:config_home_t:s0
Access: 2024-08-07 18:39:27.405098220 -0400
Modify: 2024-08-07 18:39:27.405098220 -0400
Change: 2024-08-07 18:39:27.406098213 -0400
 Birth: 2024-08-07 18:39:27.405098220 -0400

$ stat "$HOME/.config/containers/podman/machine/qemu/podman-machine-default.ign" 
  File: /home/zzlotnik/.config/containers/podman/machine/qemu/podman-machine-default.ign
  Size: 4978        Blocks: 16         IO Block: 4096   regular file
Device: 0,41    Inode: 55574058    Links: 1
Access: (0644/-rw-r--r--)  Uid: (4201110/zzlotnik)   Gid: (4201110/zzlotnik)
Context: unconfined_u:object_r:config_home_t:s0
Access: 2024-08-07 18:39:27.463097838 -0400
Modify: 2024-08-07 18:39:27.405098220 -0400
Change: 2024-08-07 18:39:27.405098220 -0400
 Birth: 2024-08-07 18:37:00.487066296 -0400

Describe the results you expected

I would have expected the podman-machine-default.json file to be created and the VM to be able to start by running podman machine start <vm-name>.

podman info output

host:
  arch: amd64
  buildahVersion: 1.36.0
  cgroupControllers:
  - cpu
  - io
  - memory
  - pids
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:
    package: conmon-2.1.10-1.fc40.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.1.10, commit: '
  cpuUtilization:
    idlePercent: 96.94
    systemPercent: 1.18
    userPercent: 1.88
  cpus: 16
  databaseBackend: sqlite
  distribution:
    distribution: fedora
    variant: workstation
    version: "40"
  eventLogger: journald
  freeLocks: 2047
  hostname: zzlotnik-thinkpadp16vgen1.rmtuspa.csb
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 4201110
      size: 1
    - container_id: 1
      host_id: 165536
      size: 165536
    uidmap:
    - container_id: 0
      host_id: 4201110
      size: 1
    - container_id: 1
      host_id: 165536
      size: 165536
  kernel: 6.9.12-200.fc40.x86_64
  linkmode: dynamic
  logDriver: journald
  memFree: 7430606848
  memTotal: 66040754176
  networkBackend: netavark
  networkBackendInfo:
    backend: netavark
    dns:
      package: aardvark-dns-1.11.0-3.fc40.x86_64
      path: /usr/libexec/podman/aardvark-dns
      version: aardvark-dns 1.11.0
    package: netavark-1.11.0-3.fc40.x86_64
    path: /usr/libexec/podman/netavark
    version: netavark 1.11.0
  ociRuntime:
    name: crun
    package: crun-1.15-1.fc40.x86_64
    path: /usr/bin/crun
    version: |-
      crun version 1.15
      commit: e6eacaf4034e84185fd8780ac9262bbf57082278
      rundir: /run/user/4201110/crun
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +LIBKRUN +WASM:wasmedge +YAJL
  os: linux
  pasta:
    executable: /usr/bin/pasta
    package: passt-0^20240624.g1ee2eca-1.fc40.x86_64
    version: |
      pasta 0^20240624.g1ee2eca-1.fc40.x86_64
      Copyright Red Hat
      GNU General Public License, version 2 or later
        <https://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
      This is free software: you are free to change and redistribute it.
      There is NO WARRANTY, to the extent permitted by law.
  remoteSocket:
    exists: false
    path: /run/user/4201110/podman/podman.sock
  rootlessNetworkCmd: pasta
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: true
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: slirp4netns-1.2.2-2.fc40.x86_64
    version: |-
      slirp4netns version 1.2.2
      commit: 0ee2d87523e906518d34a6b423271e4826f71faf
      libslirp: 4.7.0
      SLIRP_CONFIG_VERSION_MAX: 4
      libseccomp: 2.5.5
  swapFree: 8589144064
  swapTotal: 8589930496
  uptime: 55h 43m 47.00s (Approximately 2.29 days)
  variant: ""
plugins:
  authorization: null
  log:
  - k8s-file
  - none
  - passthrough
  - journald
  network:
  - bridge
  - macvlan
  - ipvlan
  volume:
  - local
registries:
  search:
  - registry.fedoraproject.org
  - registry.access.redhat.com
  - docker.io
store:
  configFile: /home/zzlotnik/.config/containers/storage.conf
  containerStore:
    number: 1
    paused: 0
    running: 1
    stopped: 0
  graphDriverName: overlay
  graphOptions: {}
  graphRoot: /home/zzlotnik/.local/share/containers/storage
  graphRootAllocated: 1022488809472
  graphRootUsed: 59763646464
  graphStatus:
    Backing Filesystem: btrfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
    Supports shifting: "false"
    Supports volatile: "true"
    Using metacopy: "false"
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 1
  runRoot: /run/user/4201110/containers
  transientStore: false
  volumePath: /home/zzlotnik/.local/share/containers/storage/volumes
version:
  APIVersion: 5.1.2
  Built: 1720569600
  BuiltTime: Tue Jul  9 20:00:00 2024
  GitCommit: ""
  GoVersion: go1.22.5
  Os: linux
  OsArch: linux/amd64
  Version: 5.1.2

Podman in a container

No

Privileged Or Rootless

None

Upstream Latest Release

No

Additional environment details

Additional information

This only occurs whenever the --ignition-path= option is provided to podman machine init. Otherwise, it works as it should. I did a bit of debugging and code spelunking to try to figure out how / why this is happening, and found this:

https://github.com/containers/podman/blob/main/pkg/machine/shim/host.go#L193-L198

So essentially, we return early and never make it to this part:

https://github.com/containers/podman/blob/main/pkg/machine/shim/host.go#L237-L247

I feel like I have enough context that I can submit a PR to fix this issue. However, what I'm not sure of is what the preferred behavior should be whenever a user provides their own Ignition config. In other words, should the ready.service unit be added to the user-provided Ignition config or should the user-provided Ignition config be used as-is:

https://github.com/containers/podman/blob/main/pkg/machine/shim/host.go#L200-L220

Personally, I'm of the opinion that the ready.service unit should not be added to user-supplied Ignition, but I could be persuaded otherwise. Anyway, please let me know if there is any further information that would be helpful here.

baude commented 2 months ago

I would welcome a PR and nice find! The behavior is like so. If the user provides an ignition file, we do no additional ignition changes (so no ready unit). And yes, we should be writing a JSON and we should write a regression test as such with your PR (just init and check the json is there, we don't have to start it). lmk if you need any help with this one.
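
Added example, not part of the thread or of Podman's code: the check described above (init, then confirm the JSON is there) as a shell script over the config paths and debug messages shown in the report. The function names and state labels are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not Podman code). Paths and log messages are the ones shown
# in the report; function names and state labels are assumptions.

# machine_state NAME [CONFIG_DIR] [DATA_DIR]
# Prints one of:
#   complete        NAME.json and NAME.ign both exist in CONFIG_DIR
#   missing-config  a disk image or one config file exists, but not both configs
#   absent          nothing exists for this machine name
machine_state() {
    ms_name=$1
    ms_conf=${2:-$HOME/.config/containers/podman/machine/qemu}
    ms_data=${3:-$HOME/.local/share/containers/podman/machine/qemu}
    ms_image=0
    # The extracted disk is named NAME-<arch>.qcow2 (amd64 in the report).
    # Note: the glob also matches machines whose name starts with "NAME-".
    for ms_f in "$ms_data/$ms_name"-*.qcow2; do
        if [ -e "$ms_f" ]; then ms_image=1; fi
    done
    if [ -f "$ms_conf/$ms_name.json" ] && [ -f "$ms_conf/$ms_name.ign" ]; then
        echo complete
    elif [ "$ms_image" -eq 1 ] || [ -f "$ms_conf/$ms_name.json" ] \
        || [ -f "$ms_conf/$ms_name.ign" ]; then
        echo missing-config
    else
        echo absent
    fi
}

# assert_initialized NAME [CONFIG_DIR] [DATA_DIR]
# Returns 0 only for "complete", so it can gate a CI step that runs right
# after `podman machine init` without starting the VM.
assert_initialized() {
    ai_state=$(machine_state "$@")
    if [ "$ai_state" != complete ]; then
        echo "machine '$1' is $ai_state; expect 'VM does not exist' on start" >&2
        return 1
    fi
}

# init_log_wrote_config LOGFILE
# Returns 0 only if a saved `podman machine init --log-level=debug` log has
# both write messages that appear in the working run and are missing from
# the --ignition-path run.
init_log_wrote_config() {
    grep -q 'writing ignition file to' "$1" &&
        grep -q 'writing configuration file' "$1"
}

# Usage: sh check-machine.sh podman-machine-default
if [ "$#" -gt 0 ]; then
    assert_initialized "$@"
fi
```

On the setup in the report, `machine_state podman-machine-default` prints `missing-config` after `podman machine init --ignition-path=./ignition.json` and `complete` after a plain `podman machine init`.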

gaufde commented 2 months ago

I am running into this bug as well. Is there a work-around that can be used in the meantime?

gaufde commented 1 month ago

@baude I've been trying to figure out a work-around for this issue by either modifying the default ignition file and replacing it with my own, or creating the missing JSON file.

When I try the above methods and then try podman machine start, the process just hangs and it never actually starts. However, I just realized that the reason it hasn't appeared to work is probably because of the ready.service unit. Right now I see it only mentioned that the user needs to handle this themselves.

--ignition-path

Fully qualified path of the ignition file.

If an ignition file is provided, the file is copied into the user’s CONF_DIR and renamed. Additionally, no SSH keys are generated, nor are any system connections made. It is assumed that the user does these things manually or handled otherwise.

Is there documentation somewhere for me to learn how to do this manually or add the necessary units to my butane file?

Also, is it right that an ignition file that has been tested to work on FCOS running elsewhere (e.g. on a VPS) would have problems starting using podman machine start (assuming this issue about the JSON file is fixed)?

ClientIco commented 5 days ago

What is the progress of this? Do we know what constitutes service.ready yet? Also, can someone maybe point me to more reading material on it? I would also like a workaround. I mean, for those that don't include SSH authorized public keys and users and potentially only specify other things in their ignition file, it would have been nice to be able to have a working podman machine afterwards.

Any details regarding that service.ready unit will help!