podman: The generated yaml file does not work the same way as if I manually created a pod

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind bug

Description

When I manually create a pod and then attach containers, everything works. But when I try to play a generated kube file, I get permission denied errors.

  1. I manually create a pod and attach containers:
podman pod create --name=droplet -p 8080:80 -p 8443:443

podman run -d --name nginx --pod droplet \
    -v /var/pods/droplet/nginx:/etc/nginx:ro,Z \
    -v ~/.acme.sh/example.com:/etc/letsencrypt:ro,Z \
     nginx:1.19.1-alpine

podman run -d --name n8n --pod droplet \
    -v /var/pods/droplet/n8n:/root/.n8n:Z \
    -e GENERIC_TIMEZONE="Europe/Moscow" \
    -e N8N_BASIC_AUTH_ACTIVE=true \
    -e N8N_BASIC_AUTH_USER="user" \
    -e N8N_BASIC_AUTH_PASSWORD="password" \
    -e N8N_HOST="example.comi" \
    -e VUE_APP_URL_BASE_API="example.comi" \
    -e N8N_ENCRYPTION_KEY="secret-token-key" \
    -e NODE_FUNCTION_ALLOW_BUILTIN="*" \
    -e NODE_FUNCTION_ALLOW_EXTERNAL="lodash" \
    -e WEBHOOK_TUNNEL_URL="https://example.com" \
     n8nio/n8n:0.76.0

Everything works here.

  2. So, let's generate a droplet.yml with the podman generate kube droplet > droplet.yml command.
  3. podman play kube droplet.yml

Describe the results you received: My containers exited with error codes because permission was denied to all volumes.

Describe the results you expected: Everything works like it works with just the commands from step 1.

Additional information you deem important (e.g. issue happens only occasionally):

Output of podman version:

Version:      2.0.4
API Version:  1
Go Version:   go1.14.6
Built:        Thu Jan  1 00:00:00 1970
OS/Arch:      linux/amd64

Output of podman info --debug:

APIVersion: 1
Built: 0
BuiltTime: Thu Jan  1 00:00:00 1970
GitCommit: ""
GoVersion: go1.14.6
OsArch: linux/amd64
Version: 2.0.4

Package info (e.g. output of rpm -q podman or apt list podman):

podman-2.0.4-1.fc32.x86_64

Additional environment details (AWS, VirtualBox, physical, etc.): Rootless mode.

About this issue

  • State: closed
  • Created 4 years ago
  • Comments: 16 (4 by maintainers)

Most upvoted comments