Open made2140 opened 2 months ago
after some digging up, it seems I have found the culprit for making Podman to run flows - I had to relabel podman directories with semanage
:
podman info | grep graphRoot
semanage fcontext -a -e /var/lib/containers <graphRoot_path>
restorecon -R -v <graphRoot_path>
commands had to be applied with user with sudo permissions. it is based on RedHat KB: https://access.redhat.com/solutions/7021610
Feature description
hello! I have just got to know Kestra, loved the first impression and immediately wanted to try it on my own! I have tried it to run a test drive (OSS version) on Docker, which was a easy peasy thing to do, but then I wanted to try it on rootless Podman (one of our customer has support only for RHEL OS, so Podman is a only option there), but ever since I have failed to run and/or test Kestra flows properly there. I believe it is because of the lacking permissions. I have followed official Podman Compose installation steps, but they seem to be more focused for Win/Mac users. I have also followed Podman compose installation steps on RHEL. SELinux is enabled on the machine, so then I have to use
privileged: true
option in compose file. I have multiple different issues when trying to start Kestra on Podman, but then with various workarounds I have been able to start it successfully. and afterwards, when testing tutorial's hello_world flow, I receive an error which indicates that Kestra cannot utilize podman.sock correctly:/bin/sh: error while loading shared libraries: /lib/x86_64-linux-gnu/libc.so.6: cannot apply additional memory protection after relocation: Permission denied
so, basically my main question is - how would I be able to run Kestra on Podman successfully on RHEL? thanks for reading and looking forward to any insights you have!
my compose.yml:
screenshot of a Kestra's output: