Podman configuration notes
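1. Error: user namespaces are not enabled in /proc/sys/user/max_user_namespaces
The default value of /proc/sys/user/max_user_namespaces is 0. It is the number of namespaces an ordinary user may create, so raising it is enough.
# "sudo echo ... >> file" fails because the redirection runs as the calling user; append with tee instead
echo user.max_user_namespaces=1000 | sudo tee -a /etc/sysctl.conf
sudo sysctl -p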
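2. Warning: /etc/subuid and /etc/subgid for adding subids
# $USER is expanded by the calling shell, so the entry is written for the unprivileged user
echo "$USER:100000:65536" | sudo tee -a /etc/subuid
echo "$USER:100000:65536" | sudo tee -a /etc/subgid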
3. Warning: WARN[0000] using rootless single mapping into the namespace. This might break some images. Check /etc/subuid and /etc/subgid for adding subids
It comes together with this error when pulling an image: stderr: there might not be enough IDs available in the namespace (requested 0:42 for /etc/shadow): lchown /etc/shadow: invalid argument
A dependency package is missing.
sudo curl -o /etc/yum.repos.d/rhel7.6-rootless-preview.repo https://copr.fedorainfracloud.org/coprs/vbatts/shadow-utils-newxidmap/repo/epel-7/vbatts-shadow-utils-newxidmap-epel-7.repo
sudo yum install -y shadow-utils46-newxidmap slirp4netns
4. Error: Error: error checking slirp4netns binary /usr/bin/slirp4netns: exit status 1
The main cause is that the installed slirp4netns is too old; replacing it with a newer version fixes it. GitHub: https://github.com/rootless-containers/slirp4netns
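
The four items above can be checked in one pass before running podman. The script below is an added example, not part of the original notes; the function names and the `--check` argument are made up for illustration, and the file paths are parameters so it can be run against copies.

```shell
#!/bin/sh
# Added example: pre-flight check for the rootless podman settings in these notes.
# Print the user-namespace limit read from file $1 (0 = rootless cannot start).
userns_limit() {
    cat "${1:-/proc/sys/user/max_user_namespaces}" 2>/dev/null || echo 0
}

# Print how many subordinate IDs user $1 has in file $2 (lines: name:start:count).
subid_count() {
    [ -r "$2" ] || { echo 0; return 0; }
    awk -F: -v u="$1" '$1 == u && $3 ~ /^[0-9]+$/ { n += $3 } END { print n + 0 }' "$2"
}

# Check items 1-3 for user $1; $2 $3 $4 optionally override the file paths.
check_ids() {
    rc=0
    limit=$(userns_limit "${2:-}")
    if [ "$limit" -gt 0 ]; then
        echo "ok   max_user_namespaces=$limit"
    else
        echo "FAIL max_user_namespaces=$limit (item 1)"; rc=1
    fi
    for f in "${3:-/etc/subuid}" "${4:-/etc/subgid}"; do
        n=$(subid_count "$1" "$f")
        if [ "$n" -gt 0 ]; then
            echo "ok   $f grants $1 $n IDs"
        else
            # No range means a single mapped ID, so 0:42 in item 3 cannot be chowned.
            echo "FAIL $f has no range for $1 (items 2-3)"; rc=1
        fi
    done
    return $rc
}

# Check that the helper binaries from items 3-4 are installed.
check_bins() {
    rc=0
    for b in newuidmap newgidmap slirp4netns; do
        command -v "$b" >/dev/null 2>&1 || { echo "FAIL $b not found"; rc=1; }
    done
    return $rc
}

# Check the live system only when invoked as: sh script.sh --check
if [ "${1:-}" = "--check" ]; then
    check_ids "$(id -un)"; r=$?
    check_bins || r=1
    exit "$r"
fi
```

Run it as the unprivileged user that will start the containers, since the subuid and subgid lookups are per user.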