Update the container documentation for better Podman support #7978
Conversation
|
Looping in @chrmarti - can you review this PR? |
|
@samuel-garmany Thanks for taking the time to create this PR. We'll look into it. |
|
@microsoft-github-policy-service agree |
There may be a better way to make this work so hopefully we can get some more opinions here. |
| To work around issues where Podman lacks permissions to create a directory in the new devcontainer, you can set Podman to build images with the Docker format, disable labling containers with SELinux, and maintain the user's UID and GID | ||
|
|
||
| ```toml | ||
| [containers] |
There was a problem hiding this comment.
Where is this located? If it's user configuration this would affect all Podman containers I guess?
There was a problem hiding this comment.
Oh yes, this configuration file should be located at ~/.config/containers/containers.conf. It will affect all containers build by podman. I haven't noticed a difference outside of devcontainers working but it is something that could be noted by the docs.
This comment was marked as off-topic.
This comment was marked as off-topic.
Sorry, something went wrong.
This comment was marked as off-topic.
This comment was marked as off-topic.
Sorry, something went wrong.
This comment was marked as off-topic.
This comment was marked as off-topic.
Sorry, something went wrong.
There was a problem hiding this comment.
@alviz22 Thats not how containers.conf works, you can’t just delete that line.
| "containerEnv": { | ||
| "HOME": "/home/node" | ||
| } | ||
| "containerUser": "vscode" |
There was a problem hiding this comment.
Setting HOME is an alternative to this. Not sure what's best, but keeping the container user as root allows entrypoints to run as root which is sometimes needed.
There was a problem hiding this comment.
In my experience setting HOME did not fix this issue and I still had build problems where permission to create directories was denied. I understand the concern that you can't set the container user to root but the alternative for me was that I couldn't connect to the container at all. This may be an artifact of an immutable OS though so if someone else has experience that would probably be helpful.
|
It's been some time so I'm just checking on this. I added some clarification to what files need to be updated and I've been using this configuration for a few weeks. It may not be perfect but I haven't found a better option and this may just be the price of using podman. Thanks! |
|
@chrmarti Any additional feedback on this PR? |
|
There is progress on microsoft/vscode-remote-release#10707 and microsoft/vscode-remote-release#10706 that will simplify the instructions we need in the documentation. I'm working on getting these released today or tomorrow. |
I found the instructions for using Podman with Devcontainers weren't working for me and other users. I had permission errors where after building the container Podman would try to make directories in the container and not be able to. This fix worked for me and is made up of fixes from other people so I imagine I'm not the only one with these issues. If there's a better way to achieve this functionality or formatting problems with my changes please let me know. I just want this to be more easily accessible information.