Comment on Question about quadlets and kube play
poVoq@slrpnk.net 2 months ago
Don’t use the kube stuff. That’s entirely seperate from Quadlets and some sort of Kubernetes compatibility.
Comment on Question about quadlets and kube play
poVoq@slrpnk.net 2 months ago
Don’t use the kube stuff. That’s entirely seperate from Quadlets and some sort of Kubernetes compatibility.
sugar_in_your_tea@sh.itjust.works 2 months ago
Awesome, thanks!
In terms of architecture, which is preferred:
I’d like to have one gateway, Caddy, so my cert renewal and proxying are all in one place, and I’d like those proxy configs to look like
http://<container>I’d prefer my containers not be able to talk to each other unless I specifically allow it. The second option would get me that, but I think it would force me to expose ports for each app to the system.
TL; DR - Can I have a “Caddy” pod that can see exposed ports from other pods, but hide those ports from regular system users? If not, I’ll probably do the first option. I also want to be able to expose ports to the host on a per app basis if needed.
Asparagus0098@sh.itjust.works 2 months ago
I ran a podman quadlet setup as a test some time ago. My setup was a little like this:
container_name:portorpod_name:port. This functionality is disabled in the default network by default.sugar_in_your_tea@sh.itjust.works 2 months ago
Awesome, that’s exactly what I want! I guess I missed where pods could be part of multiple networks.
I’m on podman 4.x, but I’m planning to upgrade the OS anyway soon, so it probably won’t be an issue.
Thanks, you’re a stud!
poVoq@slrpnk.net 2 months ago
I use one pod per app more or less. The reverse-proxy conf depends a bit on the specific app so that depends, but it will probably work for most by sharing a network and exposing the ports in the pods