Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Run solace container with a non-root user for podman compatibility #62

Merged
merged 1 commit into from
Feb 20, 2024

Conversation

ozangunalp
Copy link
Collaborator

The user gets ownership of the /var/lib/solace directory

Should fix #55

For info with podman I can run a Solace container with the following command:

podman run --rm -it -u 1000 -p 8080:8080 -p 55555 --shm-size=1g \                                                                                                                       
--env username_admin_globalaccesslevel=admin \
--env username_admin_password=admin \
--mount type=tmpfs,destination=/var/lib/solace,ro=false,U=true \
docker.io/solace/solace-pubsub-standard:latest

The user gets ownership of the /var/lib/solace directory
@SravanThotakura05
Copy link
Collaborator

@ozangunalp can we merge this PR?

@ozangunalp
Copy link
Collaborator Author

Yes, if that's ok for you

@@ -245,6 +242,11 @@ protected void configure() {
}
}

@Override
protected void containerIsStarted(InspectContainerResponse containerInfo) {
executeCommand("chown 1000:0 -R /var/lib/solace");
Copy link
Collaborator

@SravanThotakura05 SravanThotakura05 Feb 20, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ozangunalp I am just going through logs before merging it looks like this command fails. In the docs it mentions that we need to set the permission to source folder. I think we can remove it

image

Copy link
Collaborator

@SravanThotakura05 SravanThotakura05 Feb 20, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I did a quick run on my local by enabling podman, and i didnt see any major issue while using dev container/running tests(Saw same error in log while running tests). Let's merge this now and if any unexpected issue crops up will address in next version.

@SravanThotakura05 SravanThotakura05 merged commit 1cb66b0 into SolaceLabs:main Feb 20, 2024
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Solace Dev service doesn't need to set cpuset and ulimits, which may not work with some container runtimes
2 participants