containers / podman

Podman: A tool for managing OCI containers and pods.
https://podman.io
Apache License 2.0

Support shimv2 (now a functional deficit vs. Docker) #24587

Open smithfred opened 1 week ago

smithfred commented 1 week ago

Feature request description

See https://github.com/containers/podman/issues/17070 for further details, which was locked as stale, so I can't comment there.

This functionality exists for Docker as of last year - see https://github.com/moby/moby/pull/43887.

Suggest potential solution

No response

Have you considered any alternatives?

No response

Additional context

Currently there's no way to run fully functional virtualisation-isolated containers under Podman, which this would allow, via Kata. Contrary to the last comments on the linked issue, krun is not a suitable alternative - for example, it does not support exec-ing into containers, and ignores container user/group directives, breaking the ability to run third-party container images that expect to be run as a specific user.

Luap99 commented 1 week ago

I don't think anything on our side has changed; we have no resources to maintain several different complex interfaces with other runtimes that are not CLI compatible with crun/runc.

> Contrary to the last comments on the linked issue, krun is not a suitable alternative - for example, it does not support exec-ing into containers, and ignores container user/group directives, breaking the ability to run third-party container images that expect to be run as a specific user.

You can always file enhancements or bug reports for krun. Also, there is crun-vm as well: https://github.com/containers/crun-vm/