[pkg-go] Bug#997976: podman suggests iptables, but "podman run" does not appear to work without it

Thu Oct 28 16:26:31 BST 2021

Hi Ian,

Thank you for reaching out.

On Thu, Oct 28, 2021 at 1:39 AM Ian Wienand <ianw at debian.org> wrote:

>
>
> ---
> 2021-10-28 03:35:56.042 | ++ podman run -d dib-work-image /bin/sh
> 2021-10-28 03:35:56.241 | time="2021-10-28T03:35:56Z" level=error
> msg="error
> loading cached network config: network \"podman\" not found in CNI cache"
> 2021-10-28 03:35:56.241 | time="2021-10-28T03:35:56Z" level=warning
> msg="falling back to loading from existing plugins on disk"
> 2021-10-28 03:35:56.249 | time="2021-10-28T03:35:56Z" level=error
> msg="Error
> tearing down partially created network namespace for container
> a7a992e5399d8a8537d945684ac5193b762b2dbf18f29cd3aa724c389158fb65: error
> removing pod cool_almeida_cool_almeida from CNI network \"podman\": could
> not
> initialize iptables protocol 0: exec: \"iptables\": executable file not
> found
> in $PATH"
> 2021-10-28 03:35:56.262 | Error: error configuring network namespace for
> container a7a992e5399d8a8537d945684ac5193b762b2dbf18f29cd3aa724c389158fb65:
> error adding pod cool_almeida_cool_almeida to CNI network "podman": failed
> to
> locate iptables: exec: "iptables": executable file not found in $PATH
> ---
>

podman itself does not invoke iptables or nft directly, but uses
so-call CNI Plugins for setting up the networking. The code for this
can be seen at
https://github.com/containers/podman/blob/main/libpod/networking_linux.go

I'm not super familiar with those CNI plugins and how podman interacts with
them
in detail. May I ask you to create a new issue upstream
https://github.com/containers/podman/issues/new and
mention me with @siretart in the message? -- I'd like to hear
upstream's opinion on this.

Cheers!
-rt
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-go-maintainers/attachments/20211028/0d74ded2/attachment.htm>