Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ofelia + non root podman -> Ofelia labels option seems not usable #305

Open
Tchiimy opened this issue Dec 11, 2024 · 1 comment
Open

Ofelia + non root podman -> Ofelia labels option seems not usable #305

Tchiimy opened this issue Dec 11, 2024 · 1 comment

Comments

@Tchiimy
Copy link

Tchiimy commented Dec 11, 2024

Hi,

I'm running podman-compose to run different services and I wanted to use Ofelia for task scheduling (really cool project by the way).

My first try (I've installed podman podman-docker):

podman run -d \
  --name ofelia \
  --restart unless-stopped \
  --label ofelia.enabled="true" \
  --label ofelia.job-exec.stop_containers.schedule="@every 45s" \
  --label ofelia.job-exec.stop_containers.command="echo hello" \
  --label ofelia.job-exec.stop_containers.no-overlap="true" \
  mcuadros/ofelia:latest \
  daemon --docker

failed to list containers: Get "http://unix.sock/containers/json?filters=%7B%22label%22%3A%5B%22ofelia.enabled%3Dtrue%22%5D%7D": dial unix /var/run/docker.sock: connect: no such file or directory

Then I tried to mount the podman.socket like this:

podman run -d \
  --name ofelia \
  --restart unless-stopped \
  --label ofelia.enabled="true" \
  --label ofelia.job-exec.stop_containers.schedule="@every 45s" \
  --label ofelia.job-exec.stop_containers.command="echo hello" \
  --label ofelia.job-exec.stop_containers.no-overlap="true" \
  --volume /run/podman/podman.sock:/var/run/docker.sock:ro \
  mcuadros/ofelia:latest \
  daemon --docker
Error: statfs /run/podman/podman.sock: permission denied

But running with sudo it seems to work:

sudo podman run -d \
  --name ofelia \
  --restart unless-stopped \
  --label ofelia.enabled="true" \
  --label ofelia.job-exec.stop_containers.schedule="@every 45s" \
  --label ofelia.job-exec.stop_containers.command="echo hello" \
  --label ofelia.job-exec.stop_containers.no-overlap="true" \
  --volume /run/podman/podman.sock:/var/run/docker.sock:ro \
  mcuadros/ofelia:latest \
  daemon --docker
  
sudo podman logs ofelia
2024-12-11T11:12:26.084Z  scheduler.go:44 ▶ NOTICE New job registered "stop_containers" - "echo hello" - "@every 45s"
2024-12-11T11:12:26.086Z  scheduler.go:55 ▶ DEBUG Starting scheduler with 1 jobs
2024-12-11T11:13:11.004Z  common.go:125 ▶ NOTICE [Job "stop_containers" (0eed9bab88de)] Started - echo hello

The problem is that the containers running with/without sudo are not grouped together and that could be a problem for later (because I want to use podman python package to realize tasks and it seems to be able to interact only with the non roots containers)

For the moment the only way I found to run ofelia with podman without sudo is with the .ini files method:

[job-exec "hello-in-ofelia-container"]
schedule = @every 45s
container = ofelia
command = echo hello

systemctl --user enable podman.socket
systemctl --user start podman.socket
systemctl --user status podman.socket
podman run -d \
  --name ofelia \
  --restart unless-stopped \
  --volume /run/user/1000/podman/podman.sock:/var/run/docker.sock:ro \
  --volume /path_to_file/ofelia_config.ini:/etc/ofelia/config.ini:ro \
  mcuadros/ofelia:latest \
  daemon --config=/etc/ofelia/config.ini

podman logs ofelia
2024-12-11T12:02:22.837Z  scheduler.go:44 ▶ NOTICE New job registered "hello-in-ofelia-container" - "echo hello" - "@every 45s"
2024-12-11T12:02:22.838Z  scheduler.go:55 ▶ DEBUG Starting scheduler with 1 jobs
2024-12-11T12:03:07.004Z  common.go:125 ▶ NOTICE [Job "hello-in-ofelia-container" (97f7f0b6fb74)] Started - echo hello
2024-12-11T12:03:09.547Z  common.go:125 ▶ NOTICE [Job "hello-in-ofelia-container" (97f7f0b6fb74)] StdOut: hello
2024-12-11T12:03:09.547Z  common.go:125 ▶ NOTICE [Job "hello-in-ofelia-container" (97f7f0b6fb74)] Finished in "2.542654437s", failed: false, skipped: false, error: none

For the moment this is the solution I found to run Ofelia with Podman but should I do it another way ? Or is it possible to think of a daemon --podman option ?

That would be nice because the labels are really comfortable to use with podman-compose and can work easily with .env files (for variables substitutions in the scheduler for example).

Hence for the moment I substitute the variables of a config.ini with a .env using envsubst before running the podman or podman-compose with Ofelia !
@poplawskidaniel
Copy link

poplawskidaniel commented Jan 11, 2025
edited
Loading

I am not sure if I get problem correctly, however I am using it with rootless podman without any problem.

I think your problem is that in rootles (without sudo) command you have used root socket:
Error: statfs /run/podman/podman.sock: permission denied
instead user one.
In podman command you have changed that to
--volume /run/user/1000/podman/podman.sock:/var/run/docker.sock:ro \

just use /run/user/1000/podman/podman.sock and then you will be able to use other containers for your user.

If you want to mix root and rootless containers I think that you should use same socket with correct accesses. However it's probably aginst design of podman. Best option would be use only one kind of containers (eg. rootles).

Edit: For me there is no issue of ofelia and option --daemon docker works for podman as well.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@poplawskidaniel @Tchiimy