Podman does not see container launched via oci-containers

qpe · January 11, 2025, 1:26pm

q@NixOS:~/whip/ > systemctl status podman-nginx.service

● podman-nginx.service
     Loaded: loaded (/etc/systemd/system/podman-nginx.service; enabled; preset: ignored)
     Active: active (running) since Sat 2025-01-11 13:40:40 EET; 1h 14min ago
 Invocation: 236d5e135c3649f091d34760e64e82fe
   Main PID: 1688 (conmon)
         IP: 0B in, 0B out
         IO: 68.1M read, 360K written
      Tasks: 1 (limit: 18555)
     Memory: 69.8M (peak: 92.9M)
        CPU: 199ms
     CGroup: /system.slice/podman-nginx.service
             └─1688 /nix/store/r7vs4m53li78i7zrljp4r4q4n1gr0g4j-podman-helper-binary-wrapper/bin/conmon --api-version 1 -c f9335590cf6bc>

січ 11 13:40:40 NixOS nginx[1688]: 2025/01/11 11:40:40 [notice] 1#1: start worker process 26
січ 11 13:40:40 NixOS nginx[1688]: 2025/01/11 11:40:40 [notice] 1#1: start worker process 27
січ 11 13:40:40 NixOS nginx[1688]: 2025/01/11 11:40:40 [notice] 1#1: start worker process 28
січ 11 13:40:40 NixOS nginx[1688]: 2025/01/11 11:40:40 [notice] 1#1: start worker process 29
січ 11 13:40:40 NixOS nginx[1688]: 2025/01/11 11:40:40 [notice] 1#1: start worker process 30
січ 11 13:40:40 NixOS nginx[1688]: 2025/01/11 11:40:40 [notice] 1#1: start worker process 31
січ 11 13:40:40 NixOS nginx[1688]: 2025/01/11 11:40:40 [notice] 1#1: start worker process 32
січ 11 13:40:40 NixOS nginx[1688]: 2025/01/11 11:40:40 [notice] 1#1: start worker process 33
січ 11 13:40:40 NixOS nginx[1688]: 2025/01/11 11:40:40 [notice] 1#1: start worker process 34
січ 11 13:40:40 NixOS nginx[1688]: 2025/01/11 11:40:40 [notice] 1#1: start worker process 35
q@NixOS:~/whip/ > journalctl -u podman-nginx.service -b

січ 11 13:40:35 NixOS systemd[1]: Starting podman-nginx.service...
січ 11 13:40:35 NixOS podman[1359]: 2025-01-11 13:40:35.1439339 +0200 EET m=+0.040698956 system refresh
січ 11 13:40:35 NixOS podman-nginx-start[1492]: Trying to pull docker.io/library/nginx:latest...
січ 11 13:40:35 NixOS podman-nginx-start[1492]: Pulling image //nginx:latest inside systemd: setting pull timeout to 5m0s
січ 11 13:40:39 NixOS podman-nginx-start[1492]: Getting image source signatures
січ 11 13:40:39 NixOS podman-nginx-start[1492]: Copying blob sha256:da8cc133ff821c8b0ac7a6667e3a2e70ee6eb04f850e38088f59720017a869db
січ 11 13:40:39 NixOS podman-nginx-start[1492]: Copying blob sha256:566e42bcee1cd697dcab6098c082789af33bc8cbcbaa95c8adbad87283c85c75
січ 11 13:40:39 NixOS podman-nginx-start[1492]: Copying blob sha256:2b99b9c5d9e5679c839357944d083c55c4c045e2cae21f84dfcfe5841e2ea59b
січ 11 13:40:39 NixOS podman-nginx-start[1492]: Copying blob sha256:bd98674871f548eff8a4e4f3d4aa1ba504320ccbabfb0a217c4ea5c23b6144fd
січ 11 13:40:39 NixOS podman-nginx-start[1492]: Copying blob sha256:1e109dd2a0d75eb2ab2491daec5b300e99027ffdd528998612b693f3347b97e4
січ 11 13:40:39 NixOS podman-nginx-start[1492]: Copying blob sha256:fd674058ff8f8cfa7fb8a20c006fc0128541cbbad7f7f7f28df570d08f9e4d92
січ 11 13:40:39 NixOS podman-nginx-start[1492]: Copying blob sha256:c44f27309ea1a5e557aff07fbd5ece457d5cb85583f795b34f342d5550a08a5c
січ 11 13:40:39 NixOS podman-nginx-start[1492]: Copying config sha256:f876bfc1cc63d905bb9c8ebc5adc98375bb8e22920959719d1a96e8f594868fa
січ 11 13:40:39 NixOS podman-nginx-start[1492]: Writing manifest to image destination
січ 11 13:40:39 NixOS podman[1492]: 2025-01-11 13:40:39.899276422 +0200 EET m=+4.721345428 image pull f876bfc1cc63d905bb9c8ebc5adc98375b>
січ 11 13:40:39 NixOS podman[1492]: 2025-01-11 13:40:39.917284041 +0200 EET m=+4.739353047 container create f9335590cf6bcb043525c589baa3>
січ 11 13:40:40 NixOS podman[1492]: 2025-01-11 13:40:40.129315495 +0200 EET m=+4.951384501 container init f9335590cf6bcb043525c589baa395>
січ 11 13:40:40 NixOS podman[1492]: 2025-01-11 13:40:40.130682041 +0200 EET m=+4.952751047 container start f9335590cf6bcb043525c589baa39>
січ 11 13:40:40 NixOS systemd[1]: Started podman-nginx.service.
січ 11 13:40:40 NixOS podman-nginx-start[1492]: f9335590cf6bcb043525c589baa395f36817045af47bc9e58e80bae096ba1c49
січ 11 13:40:40 NixOS nginx[1688]: /docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
січ 11 13:40:40 NixOS nginx[1688]: /docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
січ 11 13:40:40 NixOS nginx[1688]: /docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
січ 11 13:40:40 NixOS nginx[1688]: 10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
січ 11 13:40:40 NixOS nginx[1688]: 10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf
січ 11 13:40:40 NixOS nginx[1688]: /docker-entrypoint.sh: Sourcing /docker-entrypoint.d/15-local-resolvers.envsh
січ 11 13:40:40 NixOS nginx[1688]: /docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
січ 11 13:40:40 NixOS nginx[1688]: /docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
січ 11 13:40:40 NixOS nginx[1688]: /docker-entrypoint.sh: Configuration complete; ready for start up
січ 11 13:40:40 NixOS nginx[1688]: 2025/01/11 11:40:40 [notice] 1#1: using the "epoll" event method
січ 11 13:40:40 NixOS nginx[1688]: 2025/01/11 11:40:40 [notice] 1#1: nginx/1.27.3
січ 11 13:40:40 NixOS nginx[1688]: 2025/01/11 11:40:40 [notice] 1#1: built by gcc 12.2.0 (Debian 12.2.0-14)
січ 11 13:40:40 NixOS nginx[1688]: 2025/01/11 11:40:40 [notice] 1#1: OS: Linux 6.12.9-cachyos
січ 11 13:40:40 NixOS nginx[1688]: 2025/01/11 11:40:40 [notice] 1#1: getrlimit(RLIMIT_NOFILE): 1048576:1048576
січ 11 13:40:40 NixOS nginx[1688]: 2025/01/11 11:40:40 [notice] 1#1: start worker processes
січ 11 13:40:40 NixOS nginx[1688]: 2025/01/11 11:40:40 [notice] 1#1: start worker process 24
січ 11 13:40:40 NixOS nginx[1688]: 2025/01/11 11:40:40 [notice] 1#1: start worker process 25
січ 11 13:40:40 NixOS nginx[1688]: 2025/01/11 11:40:40 [notice] 1#1: start worker process 26
січ 11 13:40:40 NixOS nginx[1688]: 2025/01/11 11:40:40 [notice] 1#1: start worker process 27
січ 11 13:40:40 NixOS nginx[1688]: 2025/01/11 11:40:40 [notice] 1#1: start worker process 28
січ 11 13:40:40 NixOS nginx[1688]: 2025/01/11 11:40:40 [notice] 1#1: start worker process 29
січ 11 13:40:40 NixOS nginx[1688]: 2025/01/11 11:40:40 [notice] 1#1: start worker process 30
січ 11 13:40:40 NixOS nginx[1688]: 2025/01/11 11:40:40 [notice] 1#1: start worker process 31
січ 11 13:40:40 NixOS nginx[1688]: 2025/01/11 11:40:40 [notice] 1#1: start worker process 32
січ 11 13:40:40 NixOS nginx[1688]: 2025/01/11 11:40:40 [notice] 1#1: start worker process 33
січ 11 13:40:40 NixOS nginx[1688]: 2025/01/11 11:40:40 [notice] 1#1: start worker process 34
січ 11 13:40:40 NixOS nginx[1688]: 2025/01/11 11:40:40 [notice] 1#1: start worker process 35
q@NixOS:~/whip/ > podman ps

CONTAINER ID  IMAGE       COMMAND     CREATED     STATUS      PORTS       NAMES
q@NixOS:~/whip/ > podman ps -aqf "name=podman-nginx.service"

my configuration:

            virtualisation = {
              podman = {
                enable = true;
                # Create a docker alias for podman, to use it as a drop-in replacement
                dockerCompat = true;
                # Required for containers under podman-compose to be able to talk to each other.
                defaultNetwork.settings.dns_enabled = true;
                # extraPackages = [ pkgs.zfs ]; # Required if the host is running ZFS
              };
              containers = {
                # Enable common container config files in /etc/containers
                enable = true;
              };
              oci-containers.containers = {
                nginx = {
                  image = "nginx:latest";
                  ports = ["8080:80"]; 
                  extraOptions = ["--pull=always"];
                };
              };
            };


              firewall.interfaces.enp6s0.allowedTCPPorts = [
                8080 
              ];

NobbZ · January 12, 2025, 4:20pm

Podman is not running a centralised container, so each user does only ever see its own containers.