robbertkl / docker-ipv6nat

Extend Docker with IPv6 NAT, similar to IPv4
MIT License
661 stars 48 forks

If there is any plan for support podman/crio #46

Closed deshui123 closed 4 years ago

deshui123 commented 4 years ago

When using podman/crio instead of docker, this way can't work well for pure IPv6.

There is no docker0 interface and no DOCKER-related ip6tables chains.

When running this container, I get the following issue:

```
2020/01/14 06:21:10 running [/sbin/iptables -t nat -C OUTPUT -m addrtype --dst-type LOCAL -j DOCKER --wait]: exit status 2: iptables v1.8.3 (legacy): Couldn't load target `DOCKER':No such file or directory
```

Platform: CentOS8

```
[root@henry-1921-cs-01 ~]# ip a s cni0
4: cni0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 96:1c:1d:bc:a7:60 brd ff:ff:ff:ff:ff:ff
    inet6 fd00:4::1/64 scope global
       valid_lft forever preferred_lft forever
    inet6 fe80::941c:1dff:febc:a760/64 scope link
       valid_lft forever preferred_lft forever
```

```
[root@henry-1921-cs-01 ~]# podman info
host:
  BuildahVersion: 1.6-dev
  Conmon:
    package: Unknown
    path: /usr/libexec/crio/conmon
    version: 'conmon version 2.0.1, commit: HEAD'
  Distribution:
    distribution: '"centos"'
    version: "8"
  MemFree: 6477934592
  MemTotal: 8191897600
  OCIRuntime:
    package: containerd.io-1.2.10-3.2.el7.x86_64
    path: /usr/bin/runc
    version: |-
      runc version 1.0.0-rc8+dev
      commit: 3e425f80a8c931f88e6d94a8c831b9d5aa481657
      spec: 1.0.1-dev
  SwapFree: 0
  SwapTotal: 0
  arch: amd64
  cpus: 4
  hostname: henry-1921-cs-01
  kernel: 4.18.0-80.11.2.el8_0.x86_64
  os: linux
  rootless: false
  uptime: 7h 7m 26.76s (Approximately 0.29 days)
insecure registries:
  registries: []
registries:
  registries:
```

```
[root@henry-1921-cs-01 ~]# ip6tables -nvL
.....
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 CNI-FORWARD  all      *      *       ::/0                 ::/0                 /* CNI firewall plugin rules */

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain CNI-FORWARD (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 CNI-ADMIN  all      *      *       ::/0                 ::/0                 /* CNI firewall plugin rules */

Chain CNI-ADMIN (1 references)
 pkts bytes target     prot opt in     out     source               destination
```

robbertkl commented 4 years ago

Currently, there are no plans to support podman / crio. The scope of the project is to mirror Docker IPv4 NAT behavior. I'm not very familiar with podman / crio, but if it's doing its networking in a different way than Docker does, it won't be feasible to support it in this tool.
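
The failure in this thread comes from the tool's check rule jumping to a `DOCKER` chain that a podman/CNI host never creates. As an added example (not part of the thread or of docker-ipv6nat's code), this shell sketch classifies a host from the text of an `iptables -S` style dump before deploying the tool; the function names and both sample rulesets are constructed for illustration.

```shell
#!/bin/sh
# Added example: decide from a rule dump whether the chains docker-ipv6nat
# expects exist. Input is `iptables -t nat -S` / `ip6tables -S` text on stdin,
# so the logic can be exercised offline on the constructed samples below.

# Print user-defined chains declared in an -S style dump ("-N NAME" lines).
list_chains() {
    awk '$1 == "-N" { print $2 }'
}

# Print "docker", "cni", "mixed" or "none" depending on which chains exist.
classify_ruleset() {
    has_docker=no
    has_cni=no
    for c in $(list_chains); do
        case "$c" in
            DOCKER|DOCKER-*) has_docker=yes ;;
            CNI-*)           has_cni=yes ;;
        esac
    done
    case "$has_docker/$has_cni" in
        yes/yes) echo mixed ;;
        yes/no)  echo docker ;;
        no/yes)  echo cni ;;
        *)       echo none ;;
    esac
}

# Succeed only if the DOCKER chain targeted by "-j DOCKER" is declared.
preflight() {
    list_chains | grep -qx 'DOCKER'
}

# Constructed sample: chains as listed on the reporter's podman/CNI host.
SAMPLE_CNI='-P FORWARD ACCEPT
-N CNI-FORWARD
-N CNI-ADMIN
-A FORWARD -m comment --comment "CNI firewall plugin rules" -j CNI-FORWARD
-A CNI-FORWARD -m comment --comment "CNI firewall plugin rules" -j CNI-ADMIN'

# Constructed sample: nat table containing the rule from the error message.
SAMPLE_DOCKER='-P OUTPUT ACCEPT
-N DOCKER
-A OUTPUT -m addrtype --dst-type LOCAL -j DOCKER'

echo "cni sample:    $(printf '%s\n' "$SAMPLE_CNI" | classify_ruleset)"
echo "docker sample: $(printf '%s\n' "$SAMPLE_DOCKER" | classify_ruleset)"
```

On a live host the same functions can be fed with `ip6tables -t nat -S | preflight`, run as root.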