Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Ofelia + non root podman -> Ofelia labels option seems not usable #305

Open
Tchiimy opened this issue Dec 11, 2024 · 1 comment
Open

Ofelia + non root podman -> Ofelia labels option seems not usable #305

Tchiimy opened this issue Dec 11, 2024 · 1 comment

Comments

@Tchiimy
Copy link

Tchiimy commented Dec 11, 2024

Hi,

I'm running podman-compose to run different services and I wanted to use Ofelia for task scheduling (really cool project by the way).

My first try (I've installed podman podman-docker):

podman run -d \
  --name ofelia \
  --restart unless-stopped \
  --label ofelia.enabled="true" \
  --label ofelia.job-exec.stop_containers.schedule="@every 45s" \
  --label ofelia.job-exec.stop_containers.command="echo hello" \
  --label ofelia.job-exec.stop_containers.no-overlap="true" \
  mcuadros/ofelia:latest \
  daemon --docker

failed to list containers: Get "http://unix.sock/containers/json?filters=%7B%22label%22%3A%5B%22ofelia.enabled%3Dtrue%22%5D%7D": dial unix /var/run/docker.sock: connect: no such file or directory

Then I tried to mount the podman.socket like this:

podman run -d \
  --name ofelia \
  --restart unless-stopped \
  --label ofelia.enabled="true" \
  --label ofelia.job-exec.stop_containers.schedule="@every 45s" \
  --label ofelia.job-exec.stop_containers.command="echo hello" \
  --label ofelia.job-exec.stop_containers.no-overlap="true" \
  --volume /run/podman/podman.sock:/var/run/docker.sock:ro \
  mcuadros/ofelia:latest \
  daemon --docker
Error: statfs /run/podman/podman.sock: permission denied

But running with sudo it seems to work:

sudo podman run -d \
  --name ofelia \
  --restart unless-stopped \
  --label ofelia.enabled="true" \
  --label ofelia.job-exec.stop_containers.schedule="@every 45s" \
  --label ofelia.job-exec.stop_containers.command="echo hello" \
  --label ofelia.job-exec.stop_containers.no-overlap="true" \
  --volume /run/podman/podman.sock:/var/run/docker.sock:ro \
  mcuadros/ofelia:latest \
  daemon --docker
  
sudo podman logs ofelia
2024-12-11T11:12:26.084Z  scheduler.go:44 ▶ NOTICE New job registered "stop_containers" - "echo hello" - "@every 45s"
2024-12-11T11:12:26.086Z  scheduler.go:55 ▶ DEBUG Starting scheduler with 1 jobs
2024-12-11T11:13:11.004Z  common.go:125 ▶ NOTICE [Job "stop_containers" (0eed9bab88de)] Started - echo hello

The problem is that the containers running with/without sudo are not grouped together and that could be a problem for later (because I want to use podman python package to realize tasks and it seems to be able to interact only with the non roots containers)

For the moment the only way I found to run ofelia with podman without sudo is with the .ini files method:

[job-exec "hello-in-ofelia-container"]
schedule = @every 45s
container = ofelia
command = echo hello

systemctl --user enable podman.socket
systemctl --user start podman.socket
systemctl --user status podman.socket
podman run -d \
  --name ofelia \
  --restart unless-stopped \
  --volume /run/user/1000/podman/podman.sock:/var/run/docker.sock:ro \
  --volume /path_to_file/ofelia_config.ini:/etc/ofelia/config.ini:ro \
  mcuadros/ofelia:latest \
  daemon --config=/etc/ofelia/config.ini

podman logs ofelia
2024-12-11T12:02:22.837Z  scheduler.go:44 ▶ NOTICE New job registered "hello-in-ofelia-container" - "echo hello" - "@every 45s"
2024-12-11T12:02:22.838Z  scheduler.go:55 ▶ DEBUG Starting scheduler with 1 jobs
2024-12-11T12:03:07.004Z  common.go:125 ▶ NOTICE [Job "hello-in-ofelia-container" (97f7f0b6fb74)] Started - echo hello
2024-12-11T12:03:09.547Z  common.go:125 ▶ NOTICE [Job "hello-in-ofelia-container" (97f7f0b6fb74)] StdOut: hello
2024-12-11T12:03:09.547Z  common.go:125 ▶ NOTICE [Job "hello-in-ofelia-container" (97f7f0b6fb74)] Finished in "2.542654437s", failed: false, skipped: false, error: none

For the moment this is the solution I found to run Ofelia with Podman but should I do it another way ? Or is it possible to think of a daemon --podman option ?

That would be nice because the labels are really comfortable to use with podman-compose and can work easily with .env files (for variables substitutions in the scheduler for example).

Hence for the moment I substitute the variables of a config.ini with a .env using envsubst before running the podman or podman-compose with Ofelia !
@poplawskidaniel
Copy link

poplawskidaniel commented Jan 11, 2025
edited
Loading

I am not sure if I get problem correctly, however I am using it with rootless podman without any problem.

I think your problem is that in rootles (without sudo) command you have used root socket:
Error: statfs /run/podman/podman.sock: permission denied
instead user one.
In podman command you have changed that to
--volume /run/user/1000/podman/podman.sock:/var/run/docker.sock:ro \

just use /run/user/1000/podman/podman.sock and then you will be able to use other containers for your user.

If you want to mix root and rootless containers I think that you should use same socket with correct accesses. However it's probably aginst design of podman. Best option would be use only one kind of containers (eg. rootles).

Edit: For me there is no issue of ofelia and option --daemon docker works for podman as well.

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@poplawskidaniel @Tchiimy