podman: Mailcow on podman do not work and produce a funny error message

/kind bug

Description: I tried to run Mailcow on podman with docker-compose. I get the following error:

[root@abydos mailcow-dockerized]# docker-compose up -d
Creating network "mailcowdockerized_mailcow-network" with driver "bridge"
Creating volume "mailcowdockerized_vmail-vol-1" with default driver
Creating volume "mailcowdockerized_vmail-index-vol-1" with default driver
Creating volume "mailcowdockerized_mysql-vol-1" with default driver
Creating volume "mailcowdockerized_mysql-socket-vol-1" with default driver
Creating volume "mailcowdockerized_redis-vol-1" with default driver
Creating volume "mailcowdockerized_rspamd-vol-1" with default driver
Creating volume "mailcowdockerized_solr-vol-1" with default driver
Creating volume "mailcowdockerized_postfix-vol-1" with default driver
Creating volume "mailcowdockerized_crypt-vol-1" with default driver
Creating volume "mailcowdockerized_sogo-web-vol-1" with default driver
Creating volume "mailcowdockerized_sogo-userdata-backup-vol-1" with default driver
Creating mailcowdockerized_clamd-mailcow_1     ... done
Creating mailcowdockerized_unbound-mailcow_1   ... done
Creating mailcowdockerized_dockerapi-mailcow_1 ... done
Creating mailcowdockerized_watchdog-mailcow_1  ... done
Creating mailcowdockerized_memcached-mailcow_1 ... done
Creating mailcowdockerized_redis-mailcow_1     ... done
Creating mailcowdockerized_sogo-mailcow_1      ... done
Creating mailcowdockerized_solr-mailcow_1      ... done
Creating mailcowdockerized_olefy-mailcow_1     ... done
Creating mailcowdockerized_mysql-mailcow_1     ... done
Creating mailcowdockerized_php-fpm-mailcow_1   ... done
Creating mailcowdockerized_dovecot-mailcow_1   ... error
Creating mailcowdockerized_postfix-mailcow_1   ...
Creating mailcowdockerized_nginx-mailcow_1     ...

ERROR: for mailcowdockerized_dovecot-mailcow_1  Cannot start service dovecot-mailcow: error configuring network namespace for container d8cf73369bfda68ee181fc1ecbdcd51036215f796aab39Creating mailcowdockerized_postfix-mailcow_1   ... error
r range 0: requested IP address 172.22.1.250 is not available in range set 172.22.1.1-172.22.1.254

ERROR: for mailcowdockerized_postfix-mailcow_1  Cannot start service postfix-mailcow: error configuring network namespace for container 5e27fbfd330a5f31eaabe680ed66db8d8fec33cc705520d74f9786dc721886fc: error adding pod mailcowdockerized_postfix-mailcow_1_mailcowdockerized_postfix-mailcow_1 to CNI network "mailcowdockerized_mailcow-network": failed to allocate foCreating mailcowdockerized_nginx-mailcow_1     ... done
Creating mailcowdockerized_acme-mailcow_1      ... done

ERROR: for dovecot-mailcow  Cannot start service dovecot-mailcow: error configuring network namespace for container d8cf73369bfda68ee181fc1ecbdcd51036215f796aab39c8a9fc5c5f9f33350d: error adding pod mailcowdockerized_dovecot-mailcow_1_mailcowdockerized_dovecot-mailcow_1 to CNI network "mailcowdockerized_mailcow-network": failed to allocate for range 0: requested IP address 172.22.1.250 is not available in range set 172.22.1.1-172.22.1.254

ERROR: for postfix-mailcow  Cannot start service postfix-mailcow: error configuring network namespace for container 5e27fbfd330a5f31eaabe680ed66db8d8fec33cc705520d74f9786dc721886fc: error adding pod mailcowdockerized_postfix-mailcow_1_mailcowdockerized_postfix-mailcow_1 to CNI network "mailcowdockerized_mailcow-network": failed to allocate for range 0: requested IP address 172.22.1.253 is not available in range set 172.22.1.1-172.22.1.254
ERROR: Encountered errors while bringing up the project.
[root@abydos mailcow-dockerized]#

Steps to reproduce the issue:

Download Mailcow:

sudo -i
mkdir ~/sources/mailcow
cd ~/sources/mailcow
git clone https://github.com/mailcow/mailcow-dockerized
cd mailcow-dockerized

Install docker-compose and dependencies for podman

curl -L https://github.com/docker/compose/releases/download/$(curl -Ls https://www.servercow.de/docker-compose/latest.php)/docker-compose-$(uname -s)-$(uname -m) > /usr/local/sbin/docker-compose
chmod +x /usr/local/sbin/docker-compose

dnf install podman-docker -y
systemctl enable podman.socket --now

Fix generate-config.sh to work with podman:

cat <<EOL > ./podman.patch
--- generate_config.sh  2021-09-03 14:05:22.652448594 +0200
+++ generate_config_new.sh      2021-09-03 14:07:27.284209832 +0200
@@ -25,7 +25,7 @@
   exit 1
 fi

-for bin in openssl curl docker-compose docker git awk sha1sum; do
+for bin in openssl curl docker-compose podman git awk sha1sum; do
   if [[ -z \$(which \${bin}) ]]; then echo "Cannot find \${bin}, exiting..."; exit 1; fi
 done
EOL

patch generate_config.sh podman.patch
./generate_config.sh

Disable IPv6 Network in docker-compose.yml because podman is not able to use this

-        - subnet: ${IPV6_NETWORK:-fd4d:6169:6c63:6f77::/64}
+        #- subnet: ${IPV6_NETWORK:-fd4d:6169:6c63:6f77::/64}

Follow Install steps from 5. https://mailcow.github.io/mailcow-dockerized-docs/i_u_m_install/

Describe the results you received: See Description

Describe the results you expected: All containers should start successfully

Additional information you deem important (e.g. issue happens only occasionally):

Output of podman version:

podman version 3.2.3

Output of podman info --debug:

host:
  arch: amd64
  buildahVersion: 1.21.3
  cgroupControllers:
  - cpuset
  - cpu
  - cpuacct
  - blkio
  - memory
  - devices
  - freezer
  - net_cls
  - perf_event
  - net_prio
  - hugetlb
  - pids
  - rdma
  cgroupManager: systemd
  cgroupVersion: v1
  conmon:
    package: conmon-2.0.29-1.module+el8.4.0+11822+6cc1e7d7.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.0.29, commit: ae467a0c8001179d4d0adf4ada381108a893d7ec'
  cpus: 4
  distribution:
    distribution: '"rhel"'
    version: "8.4"
  eventLogger: file
  hostname: abydos.localdomain
  idMappings:
    gidmap: null
    uidmap: null
  kernel: 4.18.0-305.19.1.el8_4.x86_64
  linkmode: dynamic
  memFree: 1387593728
  memTotal: 8145637376
  ociRuntime:
    name: runc
    package: runc-1.0.0-74.rc95.module+el8.4.0+11822+6cc1e7d7.x86_64
    path: /usr/bin/runc
    version: |-
      runc version spec: 1.0.2-dev
      go: go1.15.13
      libseccomp: 2.5.1
  os: linux
  remoteSocket:
    exists: true
    path: /run/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_NET_RAW,CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: false
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: true
  serviceIsRemote: false
  slirp4netns:
    executable: ""
    package: ""
    version: ""
  swapFree: 4257214464
  swapTotal: 4257214464
  uptime: 3h 8m 12.12s (Approximately 0.12 days)
registries:
  search:
  - registry.access.redhat.com
  - registry.redhat.io
  - docker.io
store:
  configFile: /etc/containers/storage.conf
  containerStore:
    number: 15
    paused: 0
    running: 0
    stopped: 15
  graphDriverName: overlay
  graphOptions:
    overlay.mountopt: nodev,metacopy=on
  graphRoot: /var/lib/containers/storage
  graphStatus:
    Backing Filesystem: xfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Using metacopy: "true"
  imageStore:
    number: 19
  runRoot: /run/containers/storage
  volumePath: /var/lib/containers/storage/volumes
version:
  APIVersion: 3.2.3
  Built: 1627370979
  BuiltTime: Tue Jul 27 09:29:39 2021
  GitCommit: ""
  GoVersion: go1.15.7
  OsArch: linux/amd64
  Version: 3.2.3

Package info (e.g. output of rpm -q podman or apt list podman):

podman-catatonit-3.2.3-0.10.module+el8.4.0+11989+6676f7ad.x86_64
podman-3.2.3-0.10.module+el8.4.0+11989+6676f7ad.x86_64
podman-docker-3.2.3-0.10.module+el8.4.0+11989+6676f7ad.noarch

Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide? (https://github.com/containers/podman/blob/master/troubleshooting.md) No

Additional environment details (AWS, VirtualBox, physical, etc.): Virtual Box

About this issue

Original URL
State: closed
Created 3 years ago
Comments: 37 (15 by maintainers)

Commits related to this issue

podman4: network-usage blog update install instructions The podman package will not install netavark when CNI is already installed. Ref: https://github.com/containers/podman/issues/11719#issuecommen... — committed to Luap99/podman.io_old by Luap99 2 years ago
podman4: network-usage blog update install instructions The podman package will not install netavark when CNI is already installed. Ref: https://github.com/containers/podman/issues/11719#issuecommen... — committed to Luap99/podman.io_old by Luap99 2 years ago
podman4: network-usage blog update install instructions (#509) The podman package will not install netavark when CNI is already installed. Ref: https://github.com/containers/podman/issues/11719#i... — committed to containers/podman.io_old by Luap99 2 years ago

Most upvoted comments

Technically speaking all issues with the compose file against podman are podman bugs. We are trying to match the docker API, there are a few exceptions, the biggest thing is that we do not support docker swarm. So as long as it works with docker and it does not use swarm it should work.

If you could create a small reproducer for both problems and create separate issues for them, this would help getting them fixed.

Luap99 on Mar 14, 2022

@Mordecaine Sorry I do not have time to debug this issue further. We are currently working a new network backend called netavark which hopefully also fixes this issue.

Luap99 on Dec 6, 2021