Question on customization for client podman-remote

[ck-c8y]

I would like to use this image with the following setup:

1. the device runs podman instead of docker
2. the tedge-container-bundle should use the podman client podman-remote

What is the recommended approach to include podman-remote instead of docker-cli in the image?

[reubenmiller]

We could open up the discussion on uses podman-remote over docker-cli, however this does have risk of breaking a few things because in reality podman cli lags behind docker cli (and generally users expect docker cli syntax).

But if you're wrapping the tedge-container-bundle image in your project, then you can always just uninstall the tooling you don't like, however the self_update.sh script would have to be updated to detect which cli to use docker or podman (and test to it to see if there are no other differences).

But did you find out more info why the docker cli was having issues with the podman engine?

[ck-c8y]

I tried to investigate further, looking into how version of podman-remote and the docker cli fit together. But I got stuck here. What does is mean to replace the docker-cli with the porman-remote cli in terms of:

1. the plugin container and
2. the plugin self?

[reubenmiller]

I tried to investigate further, looking into how version of podman-remote and the docker cli fit together. But I got stuck here. What does is mean to replace the docker-cli with the porman-remote cli in terms of:

1. the plugin container and
2. the plugin self?

Assuming my interpretation of the podman-remote package was correct, then it means you have to use the podman cli instead of docker.

The the container sm-plugin comes from the tedge-container-plugin project where this is an effort going on to rewrite it in golang which should be able to detect the correct cli (either podman or docker) automatically.

[reubenmiller]

@ck-c8y Are you sure the correct container engine socket is being put in the correct place (e.g. via mounted volume)? podman uses a different socket compared to docker. And if you use something different, then you may also need to set the DOCKER_HOST env variable to help the cli tools know where to look for the socket.

[ck-c8y]

@reubenmiller: I verified all my steps:

1. startet container with docker-cli, podman-remote cli podman run -d -v /var/run/podman/podman.sock:/run/podman/podman.sock myrepo.io/podman-remote:1.0.1
2. in the started container ir run:

   
   / # docker ps
   Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?

/ # podman-remote ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 22612d273816 myrepo.io/podman-remote:1.0.1 "tail -f /dev/null" 2 days ago Up 2 days serene_knuth

/ # export DOCKER_HOST=unix:///run/podman/podman.sock

/ # docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 22612d273816 myrepo.io/podman-remote:1.0.1 "tail -f /dev/null" 2 days ago Up 2 days serene_knuth

3.  pulled images:

/ # docker pull myrepo.io/podman-remote:1.0.1 write /dev/stderr: input/output error

/ # podman-remote pull myrepo.io/podman-remote:1.0.1 ... was successful

[reubenmiller]

ok so looks to be some incompatibility between docker and podman.

Can you please post all of the versions (docker cli in the container, podman-remote in the container and podman version on the host)

[reubenmiller]

Would you also be able to quickly test the next-gen tedge-container-plugin version to see if it has more success at pulling images?

Firstly, you need to install the package using (if you need to setup the community repo, just follow the cloudsmith instructions...note, you may need to install curl and bash):

apk add --no-cache tedge-container-plugin-ng

Then run a test container using the following command:

tedge-container container install hello-world --module-version docker.io/hello-world:latest

You should see some output similar to this:

2024/11/18 07:47:11 INFO Executing cmd=install args=[hello-world]
2024/11/18 07:47:11 INFO Using container engine socket. value=unix:///var/run/docker.sock
2024/11/18 07:47:11 INFO Network already exists. name=tedge id=771db10a87f523eff5efc9d9f5f80d64401951264dcfc49a629f487a8b0d6e0c
2024/11/18 07:47:11 INFO Pulling image. ref=docker.io/hello-world:latest
{"status":"Pulling from library/hello-world","id":"latest"}
{"status":"Pulling fs layer","progressDetail":{},"id":"478afc919002"}
{"status":"Downloading","progressDetail":{"current":720,"total":3195},"progress":"[===========\u003e                                       ]     720B/3.195kB","id":"478afc919002"}
{"status":"Downloading","progressDetail":{"current":3195,"total":3195},"progress":"[==================================================\u003e]  3.195kB/3.195kB","id":"478afc919002"}
{"status":"Verifying Checksum","progressDetail":{},"id":"478afc919002"}
{"status":"Download complete","progressDetail":{},"id":"478afc919002"}
{"status":"Extracting","progressDetail":{"current":3195,"total":3195},"progress":"[==================================================\u003e]  3.195kB/3.195kB","id":"478afc919002"}
{"status":"Extracting","progressDetail":{"current":3195,"total":3195},"progress":"[==================================================\u003e]  3.195kB/3.195kB","id":"478afc919002"}
{"status":"Pull complete","progressDetail":{},"id":"478afc919002"}
{"status":"Digest: sha256:305243c734571da2d100c8c8b3c3167a098cab6049c9a5b066b6021a60fcb966"}
{"status":"Status: Downloaded newer image for hello-world:latest"}
2024/11/18 07:47:14 INFO Stopping container. id=hello-world
2024/11/18 07:47:14 INFO Container does not exist, so nothing to stop
2024/11/18 07:47:16 INFO created container. id=32dae7ae66d803eaafc788e1d76c5ae049766806344edc612dd51e734f0033e7 name=hello-world

[ck-c8y]

Can you please post all of the versions (docker cli in the container, podman-remote in the container and podman version on the host)

# podman version
Client:       Podman Engine
Version:      4.4.3
API Version:  4.4.3
Go Version:   go1.20.1
OS/Arch:      linux/amd64

# podman-remote version
Client:       Podman Engine
Version:      5.2.5
API Version:  5.2.5
Go Version:   go1.22.8
OS/Arch:      linux/amd64

Server:       Podman Engine
Version:      4.4.3
API Version:  4.4.3
Go Version:   go1.20.1
OS/Arch:      linux/amd64

# docker version
Client:
 Version:           26.1.5
 API version:       1.41 (downgraded from 1.45)
 Go version:        go1.22.5
 Built:             Fri Jul 26 17:51:06 2024
 OS/Arch:           linux/amd64
 Context:           default

Server: linux/amd64/unknown-unknown
 Podman Engine:
  Version:          4.4.3
  APIVersion:       4.4.3
  Arch:             amd64
  Experimental:     false
  GoVersion:        go1.20.1
  KernelVersion:    5.4.193-rt74-pxc
  MinAPIVersion:    4.0.0
  Os:               linux
 Conmon:
  Version:          conmon version 2.1.7, commit: 9a3af8f438d89ffc176f3c76c164088e64bb6b19
  Package:          Unknown
 OCI Runtime (runc):
  Version:          runc version 1.1.5+dev
commit: v1.1.5-1-g17a2d451-dirty
spec: 1.0.2-dev
go: go1.20.1
libseccomp: 2.5.3
  Package:          Unknown
 Engine:
  Version:          4.4.3
  API version:      1.41 (minimum version 1.24)
  Go version:       go1.20.1
  OS/Arch:          linux/amd64
  Experimental:     false

[ck-c8y]

I tested with the new plugin tedge-container-plugin-ng and it worked. I set an alias:

alias docker='podman-remote'

Is this how the adaption from docker to podman-remote is expected to be configured?

[reubenmiller]

I tested with the new plugin tedge-container-plugin-ng and it worked. I set an alias:

alias docker='podman-remote'

Is this how the adaption from docker to podman-remote is expected to be configured?

No, the idea of the new tedge-container-plugin-ng plugin is that it does not require the "docker" binary to be installed at all (as it is using the docker sdk under the hood). Currently the tedge-container-plugin-ng still does require access to either docker compose or podman-compose, however we're also looking at removing this requirement and instead using docker images to run docker compose (so that the docker compose can be an optional dependency).

[reubenmiller]

We could starting preparing a new tedge-bundle-container release which switches to using the new plugin (removing the need for docker or podman-remote.