...
| Code Block |
|---|
root@ubuntu-20-04:~# podman run --rm -it --privileged \
> -v /tmp/test:/tmp/test \
> -v /var/lib/containers/storage:/var/lib/containers/storage \
> -v /run/libpod:/run/libpod \
> -v /run/containers/storage:/run/containers/storage \
> quay.io/podman/stable:v3.3.1 bash
[root@6163ad73434f /]# podman run --rm -it --privileged \
-v /tmp/test:/tmp/test \
-v /var/lib/containers/storage:/var/lib/containers/storage \
-v /run/libpod:/run/libpod \
-v /run/containers/storage:/run/containers/storage \
quay.io/podman/stable:v3.3.1 bash
[root@6163ad73434f /]# ls -l /tmp/test/
total 0
-rw-rw-r-- 1 podman podman 0 Sep 27 18:20 1.txt
-rw-rw-r-- 1 podman podman 0 Sep 27 18:20 2.txt
-rw-rw-r-- 1 podman podman 0 Sep 27 18:20 3.txt
-rw-rw-r-- 1 podman podman 0 Sep 27 18:20 4.txt
-rw-rw-r-- 1 podman podman 0 Sep 27 18:20 5.txt
-rw-rw-r-- 1 podman podman 0 Sep 27 18:20 6.txt
-rw-rw-r-- 1 podman podman 0 Sep 27 18:20 7.txt
-rw-r--r-- 1 podman podman 0 Sep 27 18:23 8.txt
|
According to podman documentation:
… people intend to use rootless Podman - they want their UID inside and outside the container to match. Thus, we provide the
--userns=keep-idflag, which ensures that your user is mapped to its own UID and GID inside the container.It is also helpful to distinguish between running Podman as a rootless user, and a container which is built to run rootless. If the container you're trying to run has a
USERwhich is not root, then when mounting volumes you must use--userns=keep-id. This is because the container user would not be able to becomerootand access the mounted volumes.
Changes to HySDS
With HySDS needing the option of supporting both docker and podman (and also singularity) there will be a large refactor required in job_worker.py (source code)
...