{"id":2684,"date":"2024-02-13T18:52:33","date_gmt":"2024-02-13T18:52:33","guid":{"rendered":"https:\/\/blog.samarthya.me\/wps\/?p=2684"},"modified":"2024-02-14T18:16:00","modified_gmt":"2024-02-14T18:16:00","slug":"non-root-podman-and-molecule","status":"publish","type":"post","link":"https:\/\/blog.samarthya.me\/wps\/2024\/02\/13\/non-root-podman-and-molecule\/","title":{"rendered":"Non root `podman` and `molecule`"},"content":{"rendered":"
\n
\"\"<\/figure>\n<\/div>\n\n\n

On my Centos8<\/code> I was facing issue when I was trying to run Molecule on a centos machine which is running podman<\/code> as a non root user. Also, I am using the driver – docker<\/code> and not podman<\/code>, so to overcome the aliases and references issues I have installed podman-docker<\/code>. <\/p>\n\n\n\n

<\/a> What is Podman?<\/h2>\n\n\n\n

Podman is a powerful tool for managing containers and pods, but it doesn’t have the exact same command-line interface (CLI) as Docker. This can be a hurdle for users accustomed to Docker workflows. <\/p>\n\n\n\n

That’s where podman-docker<\/strong> comes in. This package installs a script named docker that emulates the Docker CLI<\/code>. <\/a>It also creates links between all Docker CLI<\/code> and podman<\/code>.<\/p>\n\n\n\n

Podman-docker<\/strong> is a compatibility layer<\/strong> that allows you to use familiar Docker commands directly with Podman. It translates Docker commands into Podman commands under the hood, essentially bridging the gap between the two tools<\/strong>.<\/p>\n\n\n\n

Error<\/h2>\n\n\n\n

With the compatibility layer podman-docker<\/code>; I was facing multiple issues.<\/p>\n\n\n\n

Exception – 1<\/h3>\n\n\n\n
docker.errors.DockerException: Error while fetching server API version: ('Connection aborted.', PermissionError(13, 'Permission denied'))<\/pre>\n\n\n\n
What I could gather looking at this error was that  it is trying to reach out to docker service but since I have podman something in place. <\/p>\n\n\n\n
podman.socket<\/code><\/h2>\n\n\n\n
Podman.socket is a Unix socket file that allows communication with the Podman API. It functions in two main ways:<\/p>\n\n\n\n
1. Socket Activation:<\/strong><\/p>\n\n\n\n
    \n
  • In combination with systemd<\/code>, Podman.socket can enable on-demand service activation<\/strong>. As soon as a client connects to the socket, systemd starts the Podman API service, eliminating unnecessary background processes. This optimizes resource usage and improves security.<\/li>\n<\/ul>\n\n\n\n
    2. Docker Compatibility:<\/strong><\/p>\n\n\n\n
      \n
    • Podman.socket can be used to emulate the Docker API, allowing tools and scripts designed for Docker to work with Podman. This is achieved by translating Docker commands into Podman commands before execution. This compatibility layer is particularly useful for:\n
        \n
      • Transitioning from Docker:<\/strong> Users familiar with Docker can continue using existing workflows without significant changes.<\/li>\n\n\n\n
      • Team Collaboration:<\/strong> Teams using Docker tools can continue working together even if individual members use Podman.<\/li>\n\n\n\n
      • Supporting existing scripts:<\/strong> Scripts written for Docker can be used with Podman without modifications.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n
        Enabling the podman.socket<\/code> for the current user<\/p>\n\n\n\n
        systemctl enable --now --user podman.socket<\/code><\/pre>\n\n\n\n
        Check the status<\/p>\n\n\n\n
        systemctl status --user podman.socket\n\u25cf podman.socket - Podman API Socket\n   Loaded: loaded (\/usr\/lib\/systemd\/user\/podman.socket; enabled; vendor preset: enabled)\n   Active: active (listening) since Tue 2024-02-13 18:44:17 UTC; 8s ago\n     Docs: man:podman-system-service(1)\n   Listen: \/run\/user\/0000\/podman\/podman.sock (Stream)\n   CGroup: \/user.slice\/user-0000.slice\/user@0000.service\/podman.socket<\/code><\/pre>\n\n\n\n
        Once it was running it was still giving the same error<\/p>\n\n\n\n
        exporting DOCKER_HOST<\/code><\/p>\n\n\n\n
        We use export DOCKER_HOST<\/code> to tell the Docker client where to find the Docker daemon it needs to communicate with. It’s particularly useful in specific scenarios, but it’s essential to understand its function and potential drawbacks.<\/p>\n\n\n\n
        export DOCKER_HOST=unix:\/\/\/run\/user\/0000\/podman\/podman.sock<\/code><\/pre>\n\n\n\n
        Once this property was set molecule was able to communicate with the docker<\/code>\/podman<\/code> and without errors.<\/p>\n\n\n\n
        Error – 2<\/h3>\n\n\n\n
        The next error I got when I executed my molecule test is as under<\/p>\n\n\n\n
        UNREACHABLE! => {\n    \"changed\": false,\n    \"msg\": \"Failed to create temporary directory. In some cases, you may have been able to authenticate and did not have permissions on the target directory. Consider changing the remote tmp path in ansible.cfg to a path rooted in \\\"\/tmp\\\", for more error information use -vvv. Failed command was: ( umask 77 && mkdir -p \\\"` echo ~\/.ansible\/tmp `\\\"&& mkdir \\\"` echo ~\/.ansible\/tmp\/ansible-tmp-1707932756.4075935-520325-234920630732299 `\\\" && echo ansible-tmp-1707932756.4075935-520325-234920630732299=\\\"` echo ~\/.ansible\/tmp\/ansible-tmp-1707932756.4075935-520325-234920630732299 `\\\" ), exited with result 125\",\n    \"unreachable\": true\n}<\/code><\/pre>\n\n\n\n
        To resolve this you need to set the PODMAN_SOCK<\/code> variable.<\/p>\n\n\n\n
        export PODMAN_SOCK=\/run\/user\/0000\/podman\/podman.sock<\/code><\/pre>\n\n\n\n
        Once set I ran the molecule test<\/code> again and voila! all was green.<\/p>\n\n\n\n
        Versions<\/h3>\n\n\n\n
        I have the following  version of molecule and I am using podman<\/code><\/p>\n\n\n\n
        molecule --version<\/code><\/h4>\n\n\n\n
        molecule 6.0.3 using python 3.12 \n    ansible:2.16.3\n    azure:23.5.0 from molecule_plugins\n    containers:23.5.0 from molecule_plugins requiring collections: ansible.posix>=1.3.0 community.docker>=1.9.1 containers.podman>=1.8.1\n    default:6.0.3 from molecule\n    docker:23.5.0 from molecule_plugins requiring collections: community.docker>=3.0.2 ansible.posix>=1.4.0\n    ec2:23.5.0 from molecule_plugins\n    gce:23.5.0 from molecule_plugins requiring collections: google.cloud>=1.0.2 community.crypto>=1.8.0\n    podman:23.5.0 from molecule_plugins requiring collections: containers.podman>=1.7.0 ansible.posix>=1.3.0\n    vagrant:23.5.0 from molecule_plugins<\/code><\/pre>\n\n\n\n
        ansible --version<\/code><\/h4>\n\n\n\n
        ansible [core 2.16.3]<\/code><\/pre>\n\n\n\n
        podman --version<\/code><\/h4>\n\n\n\n
        podman version 4.8.3\n\n> rpm -qa \"podman-docker\"\npodman-docker-4.8.3-1.module_el8+804+f131391c.noarch\n\n\n<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"
        On my Centos8 I was facing issue when I was trying to run Molecule on a centos machine which is running podman as a non root user. Also, I am using the driver – docker and not podman, so to overcome the aliases and references issues I have installed podman-docker. What is Podman? Podman is […]<\/p>\n","protected":false},"author":2,"featured_media":2686,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"footnotes":""},"categories":[299,34],"tags":[283],"class_list":["post-2684","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ansible","category-technical","tag-molecule"],"_links":{"self":[{"href":"https:\/\/blog.samarthya.me\/wps\/wp-json\/wp\/v2\/posts\/2684","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.samarthya.me\/wps\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.samarthya.me\/wps\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.samarthya.me\/wps\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.samarthya.me\/wps\/wp-json\/wp\/v2\/comments?post=2684"}],"version-history":[{"count":5,"href":"https:\/\/blog.samarthya.me\/wps\/wp-json\/wp\/v2\/posts\/2684\/revisions"}],"predecessor-version":[{"id":2692,"href":"https:\/\/blog.samarthya.me\/wps\/wp-json\/wp\/v2\/posts\/2684\/revisions\/2692"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.samarthya.me\/wps\/wp-json\/wp\/v2\/media\/2686"}],"wp:attachment":[{"href":"https:\/\/blog.samarthya.me\/wps\/wp-json\/wp\/v2\/media?parent=2684"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.samarthya.me\/wps\/wp-json\/wp\/v2\/categories?post=2684"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.samarthya.me\/wps\/wp-json\/wp\/v2\/tags?post=2684"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}