mgoltzsche / podman-static

static podman binaries and container image
Apache License 2.0

Upgrade v5.1.1 #91

Closed mgoltzsche closed 5 months ago

mgoltzsche commented 6 months ago

Upgrade to Podman 5.1.1 and drop CNI networking and slirp4netns in favour of netavark (statically linked) and pasta.

This is a follow-up to #87 and #90.

mgoltzsche commented 6 months ago

PROBLEM: Even after upgrading to podman 5.0.3, many e2e tests are still failing, particularly those trying to run podman as root, which appears to use pasta and fails as follows:

Error: setting up Pasta: pasta failed with exit code 1:
Don't run as root. Changing to nobody...

This is how to reproduce the error directly (using the changes within this PR/branch):

docker run --rm --privileged mgoltzsche/podman:5.0.3-local-dev podman run alpine:3.20 echo hello

I wonder whether it should be using pasta at all when running as root?

Rootless networking seems to work, except for port-forwarding. However, for some reason, running podman play kube as a non-root user also fails.

mgoltzsche commented 5 months ago

Upgrading podman to version 5.1.1 made the rootful network connectivity test pass (where pasta failed previously when run as root). Remaining problems:

mgoltzsche commented 5 months ago

Now that I have rebuilt the PR without any real changes, the port-forwarding tests are also failing within the CI build, as they do on my machine (Docker 26.1.4). It looks like a Docker upgrade caused the problem, since the last working build from 2 days ago logged the following environment info:

Linux fv-az1567-837 6.5.0-1021-azure #22~22.04.1-Ubuntu SMP Tue Apr 30 16:08:18 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
Docker version 24.0.9, build 2936816

but the failing build from today logs:

Linux fv-az1543-982 6.5.0-1021-azure #22~22.04.1-Ubuntu SMP Tue Apr 30 16:08:18 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
Docker version 26.1.3, build b72abbb

Also, the rootful port-forwarding test fails on my machine when I run the tests against the v4.9.5 build. Rootless port-forwarding still works on my machine with podman 4.9.5, using the old network stack, though.

mgoltzsche commented 5 months ago

It turns out that the newer Docker version adds an /etc/hosts to the container that makes localhost resolve to IPv6, but the port was available on IPv4 only. To make the test pass, I've let it use 127.0.0.1 now instead of localhost.
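
The mismatch described in the last comment can be reproduced in isolation. The following is an added example, not code from the PR or the project's test suite: it binds a listener to 127.0.0.1 only and then tries every address that a hosts file maps to `localhost`. `SAMPLE_HOSTS` is constructed sample data and the function names are hypothetical.

```python
import socket

# Constructed sample of an /etc/hosts in which localhost maps to both families
# (an assumption for illustration; not copied from the PR's CI environment).
SAMPLE_HOSTS = """\
127.0.0.1   localhost
::1         localhost ip6-localhost ip6-loopback
172.17.0.2  3f9c1a2b7d10   # constructed container hostname
"""

def addresses_for(name, hosts_text):
    """Return every address a hosts file maps to `name`, in file order."""
    found = []
    for line in hosts_text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        addr, *names = line.split()
        if name in names:
            found.append(addr)
    return found

def can_connect(addr, port, timeout=1.0):
    """Try a TCP connect to a literal IPv4/IPv6 address; True on success."""
    family = socket.AF_INET6 if ":" in addr else socket.AF_INET
    try:
        with socket.socket(family, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            s.connect((addr, port))
        return True
    except OSError:   # refused, unreachable, or IPv6 not available at all
        return False

def probe_ipv4_only_listener(hosts_text=SAMPLE_HOSTS):
    """Listen on 127.0.0.1 only, then try each address 'localhost' maps to."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.bind(("127.0.0.1", 0))   # IPv4 loopback only, ephemeral port
        srv.listen(8)
        port = srv.getsockname()[1]
        return {a: can_connect(a, port)
                for a in addresses_for("localhost", hosts_text)}

if __name__ == "__main__":
    for addr, ok in probe_ipv4_only_listener().items():
        print(f"{addr:<12} {'reachable' if ok else 'NOT reachable'}")
```

A client that tries only the first address its resolver returns for `localhost` fails whenever that address is `::1`, which is why pinning the test to 127.0.0.1 removes the dependency on the container's /etc/hosts.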