Jira (FACT-2929) Facter does not correctly detect that it is running inside of a podman container

[Trevor Vaughan (Jira)]

Trevor Vaughan created an issue

Facter / FACT-2929 Facter does not correctly detect that it is running inside of a podman container Issue Type: Bug Affects Versions: FACT 4.0.44 Assignee: Unassigned Components: Facter 4 Created: 2021/01/28 7:02 AM Environment: Rootless podman EL8 instance. Priority: High Reporter: Trevor Vaughan Facter shows the system as physical even when running inside of a rootless podman container. The system should detect that it is inside of a container and, ideally, note that it is rootless/rootful. The following information seems relevant, but may not be a complete picture: There is a /run/.containerenv mountpoint The SELinux context of any of the root-level filesystems is container_file_t. The contents of /proc/self/cgroup contains libpod (rootful) The first two seem to be consistent and the third is the only way that I can tell to determine if you're rootful or rootless.   Add Comment

This message was sent by Atlassian Jira (v8.5.2#805002-sha1:a66f935)

[Mihai Buzgau (Jira)]

Mihai Buzgau updated an issue

Facter / FACT-2929 Facter does not correctly detect that it is running inside of a podman container

Change By: Mihai Buzgau Sprint: Triaged tickets

Add Comment

[Mihai Buzgau (Jira)]

Mihai Buzgau updated an issue

Facter / FACT-2929 Facter does not correctly detect that it is running inside of a podman container

Change By: Mihai Buzgau Team: Night's Watch

Add Comment

[Liam Hadley (Jira)]

Liam Hadley commented on FACT-2929

Re: Facter does not correctly detect that it is running inside of a podman container Beth Glenfield- yep, that's a fair set of assumptions. Right now we are only targeting physical nodes, but have cloud experiences in the mix.

Add Comment

This message was sent by Atlassian Jira (v8.13.2#813002-sha1:c495a97)

[Ciprian Badescu (Jira)]

Ciprian Badescu updated an issue

Facter / FACT-2929

Facter does not correctly detect that it is running inside of a podman container

Change By: Ciprian Badescu Sprint: Triaged tickets

Add Comment

[Yasmin Rajabi (Jira)]

Yasmin Rajabi commented on FACT-2929

Re: Facter does not correctly detect that it is running inside of a podman container Hi Trevor Vaughan this isn't a workflow we have supported in the past so I'd love to understand a bit more what the use case is here and understand the high level story or business objective are you trying to accomplish? Thanks!

Add Comment

[Linus Karl (Jira)]

Linus Karl commented on FACT-2929

Re: Facter does not correctly detect that it is running inside of a podman container

The use case is to have similar behaviour in podman as in docker. In my case I want to use the same puppet scripts that setup machines and VMs for a docker image. In docker some changes should be skipped, so I just exclude them with "if $facts['virtual'] != "docker" {". This works fine in docker, as docker is correctly identified by facter. Inside a docker container facter returns "is_virtual => true" and "virtual => docker". On Podman, which is supposed to be used as a drop-in replacement for docker, the values are "virtual => physical" and "is_virtual => false". Podman and Docker should be handled similar, since they are supposed to be interchangeable, so if on docker facter returns "virtual => docker", facter should also report something other than "virtual => physical". The same goes for is_virtual. Since podman and docker should be interchangeable it would be good if there was some fact that would be the same when inside either docker or podman (but not on physical, VMs, or other container systems like LXC). This would make it easier to have the same behaviour on both docker and podman. For our use case returning the same facts as in docker would suffice. I tested this with facter 4.2.12

Add Comment

This message was sent by Atlassian Jira (v8.20.11#820011-sha1:0629dd8)