podman: Error validating CNI config file

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind bug

Description

Steps to reproduce the issue:

podman system reset

Describe the results you received:

WARN[0000] Error validating CNI config file /home/chris/.config/cni/net.d/87-podman.conflist: [failed to find plugin "bridge" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin "portmap" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin "firewall" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin "tuning" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin]]

Describe the results you expected:

No errors on reset. Or I guess it should automatically or prompt to remove stale files (?)

Additional information you deem important (e.g. issue happens only occasionally):

Output of podman version:

podman version 4.0.1

Output of podman info --debug:

$ podman info --debug
host:
  arch: amd64
  buildahVersion: 1.24.1
  cgroupControllers:
  - cpu
  - io
  - memory
  - pids
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:
    package: conmon-2.1.0-2.fc36.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.1.0, commit: '
  cpus: 8
  distribution:
    distribution: fedora
    variant: workstation
    version: "36"
  eventLogger: journald
  hostname: fovo.local
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
  kernel: 5.17.0-0.rc6.109.fc36.x86_64+debug
  linkmode: dynamic
  logDriver: journald
  memFree: 10419982336
  memTotal: 16365338624
  networkBackend: netavark
  ociRuntime:
    name: crun
    package: crun-1.4.2-2.fc36.x86_64
    path: /usr/bin/crun
    version: |-
      crun version 1.4.2
      commit: f6fbc8f840df1a414f31a60953ae514fa497c748
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +YAJL
  os: linux
  remoteSocket:
    path: /run/user/1000/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: true
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: slirp4netns-1.2.0-0.2.beta.0.fc36.x86_64
    version: |-
      slirp4netns version 1.2.0-beta.0
      commit: 477db14a24ff1a3de3a705e51ca2c4c1fe3dda64
      libslirp: 4.6.1
      SLIRP_CONFIG_VERSION_MAX: 3
      libseccomp: 2.5.3
  swapFree: 8589930496
  swapTotal: 8589930496
  uptime: 6m 37.43s
plugins:
  log:
  - k8s-file
  - none
  - passthrough
  - journald
  network:
  - bridge
  - macvlan
  volume:
  - local
registries:
  search:
  - registry.fedoraproject.org
  - registry.access.redhat.com
  - docker.io
  - quay.io
store:
  configFile: /home/chris/.config/containers/storage.conf
  containerStore:
    number: 0
    paused: 0
    running: 0
    stopped: 0
  graphDriverName: btrfs
  graphOptions: {}
  graphRoot: /home/chris/.local/share/containers/storage
  graphStatus:
    Build Version: Btrfs v5.16.2
    Library Version: "102"
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 0
  runRoot: /run/user/1000/containers
  volumePath: /home/chris/.local/share/containers/storage/volumes
version:
  APIVersion: 4.0.1
  Built: 1645815878
  BuiltTime: Fri Feb 25 12:04:38 2022
  GitCommit: ""
  GoVersion: go1.18beta2
  OsArch: linux/amd64
  Version: 4.0.1

Package info (e.g. output of rpm -q podman or apt list podman):

podman-4.0.1-2.fc36.x86_64

Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide? (https://github.com/containers/podman/blob/main/troubleshooting.md)

Yes

Additional environment details (AWS, VirtualBox, physical, etc.):

This is a clean install of Fedora-Workstation-Live-x86_64-36-20220220.n.0.iso, updated. But I am using /home from a previous Fedora 35 installation so it might have some stale podman 3 bits; nevertheless the reset should get rid of it. But I get the WARN each time the command is run.

About this issue

Original URL
State: closed
Created 2 years ago
Comments: 22 (3 by maintainers)

Links to this issue

PSA: Fix for podman cni errors after upgrading Fedora

Commits related to this issue

Fix warning with CNI plugin not being founc ``` Error validating CNI config file /home/runner/.config/cni/net.d/87-podman.conflist: [failed to find plugin \"bridge\" in path [/usr/local/libexec/cni /... — committed to ritudes/odo by rm3l a year ago
Fix warning with CNI plugin not being founc ``` Error validating CNI config file /home/runner/.config/cni/net.d/87-podman.conflist: [failed to find plugin \"bridge\" in path [/usr/local/libexec/cni /... — committed to ritudes/odo by rm3l a year ago

Most upvoted comments

If you are using a debian based distro. This is the package you need to solve it. You can just:

sudo apt install containernetworking-plugins
sudo apt update
podman system reset --force

And then everything should work. Tested on Ubuntu v22.04 and podman v4.5.0

+14

acasanova99 on Apr 17, 2023

If anyone is coming from archlinux, the relevant package is cni-plugins. i.e. pacman -S cni-plugins

+11

acxz on Jun 14, 2022

containernetworking-plugins is in the appstream

$ dnf config-manager --set-enabled AppStream
$ dnf install containernetworking-plugins
Failed to set locale, defaulting to C.UTF-8
Last metadata expiration check: 0:00:21 ago on Wed Apr 27 02:01:14 2022.
Dependencies resolved.
============================================================================================================================================================================================================================================
 Package                                                          Architecture                                Version                                                                  Repository                                      Size
============================================================================================================================================================================================================================================
Installing:
 containernetworking-plugins                                      x86_64                                      1.0.0-1.module_el8.5.0+890+6b136101                                      appstream                                       19 M
Enabling module streams:
 container-tools                                                                                              rhel8                                                                                                                        

Transaction Summary
============================================================================================================================================================================================================================================
Install  1 Package

Total download size: 19 M
Installed size: 62 M
Is this ok [y/N]:

zhangguanzhang on Apr 27, 2022

Thanks @zhangguanzhang .

In Fedora 36 Silverblue: $ rpm-ostree install containernetworking-plugins

Then reboot.

marquesmateus93 on May 19, 2022

$ rpm -q containernetworking-plugins
package containernetworking-plugins is not installed

Seems like podman needs a recommends or requires?

cmurf on Mar 2, 2022

@SirSkizo Thanks a lot, same thing worked for me on arch linux with the cni-plugins package! (I then also ran into #12637 but it somehow fixed itself shortly after)

jplatte on Apr 17, 2023

@acxz Any idea why this isn’t a dependency in the podman-compose package?

Why does it seem to be happening on multiple distributions (Redhat, Arch)? Did something change in podman? I’ve been using podman-compose on a container (without having cni-plugins installed) without issue on podman 4.1.0 until I upgraded to 4.1.1 (a minor revision bump) a couple of weeks ago.

xxxserxxx on Sep 9, 2022

Ran into same error when using podman-compose. Found an issue in Silverblue issue tracker https://github.com/fedora-silverblue/issue-tracker/issues/246

kristofer-lp8f on Aug 15, 2022

@cmurf Thanks for sharing, podman by default reads CNI plugin from these paths https://github.com/containers/common/blob/main/pkg/config/default.go#L83 . If you are using custom path you would have to update containers.conf https://github.com/containers/common/blob/main/docs/containers.conf.5.md#network-table

or you could copy all the binaries and move to any of the default paths.

flouthoc on Mar 2, 2022