Podman gvproxy mamba #444
Podman gvproxy mamba #444
Conversation
rolandknight
commented
Feb 9, 2024
rolandknight
commented
- Update to podman to use gvproxy
- new gvproxy package
- update to micromamba to set MAMBA_EXE environment variable (needed for proper activation)
|
|
||
| on "install" { | ||
| mkdir { | ||
| dir = "${HERMIT_ENV}/.hermit/podman" |
There was a problem hiding this comment.
Unfortunately this won't do what you hope. Install hooks only trigger once per machine-wide install, so updating the Hermit environment isn't reliable.
There was a problem hiding this comment.
ah. ok. so this should be on activation then?
There was a problem hiding this comment.
There's no real way to do what you want reliably in Hermit :(
Activation triggers when . ./bin/activate-hermit is called, but it won't trigger when a binary is executed directly via ./bin/<foo>, so it's not reliable. It's unfortunate.
There was a problem hiding this comment.
it only needs to be done once. if it's done immediately after install then all is good. if there is no way to do this, then the only solution is to replace podman with a shell script that takes care of the initialization if not done.
thoughts?
| @@ -2,6 +2,7 @@ description = "A tool for managing OCI containers and pods." | |||
| sha256-source = "https://github.com/containers/podman/releases/download/v${version}/shasums" | |||
| binaries = ["podman"] | |||
| source = "https://github.com/containers/podman/releases/download/v${version}/podman-remote-static-linux_${arch}.tar.gz" | |||
| requires = [ "gvproxy" ] | |||
There was a problem hiding this comment.
Ignoring the other issues, I won't merge this change. We don't want to set opinionated defaults in packages.
| @@ -0,0 +1,50 @@ | |||
| description = "gvproxy is a new network stack based on gVisor." | |||
There was a problem hiding this comment.
This package seems good though, happy to add it.
There was a problem hiding this comment.
ok. will split the package off. and change the podman install to not depend of gvproxy and generate a setup script instead for gvproxy (rather than force the config). sound good?
There was a problem hiding this comment.
I must admit I don't fully understand the relationship between the two. Does podman require gvproxy? Or is it an optional thing?
Either way, I would suggest those setup scripts should go in the gvproxy package, not podman.
There was a problem hiding this comment.
Podman is hard coded to use gvproxy. It cannot run without it and, when installing podman with brew, it automatically installs gvproxy as a dependency. I think having this as a dependency is fine. Theoretically, podman could use other VM proxy tools than gvproxy, but for now it's the only tool it uses. The result is quite nice - you can install podman with a single hermit install command and then build and run docker containers entirely in user space! No other installation required!
