Comment on Podman Quadlets Arr-Stack And Networking
Excaliburr@lemmy.dbzer0.com 1 day ago
Thanks for the answer.
To 1. Maybe I worded that poorly, I do understand that I can’t take out the engine haha (good analogy). I thought gluetun was supposed to set the default route (but it seems it either doesn’t or can’t), I’ll dig deeper into manually setting a default route for containers. My goal was to only have gluetun see my computer’s network and have the containers only see local network and gluetun’s tun0 network (with default routing through tun0). AFAIK pods share network namespaces, though, so that might not be possible? (even without pods?)
2. The quadlets are in the spoiler at the bottom of the post. I’ll move the spoiler up a bit
3. So they would be rootless containers, but have root access as 0:0, if I understand that correctly? linuxserver images require 0:0 or they won’t start, do you happen to know a workaround?
just_another_person@lemmy.world 1 day ago
If they require root at start, it’s more than likely they need to access devices or sockets on the host on startup. If it’s then transitioning to another uid/gid for the actual runtime in the container - which looks to be happening - it’s not quite rootLESS because it obviously requires root.
I’m unfamiliar with the linuxserver images, so don’t understand the need for root here.
Excaliburr@lemmy.dbzer0.com 1 day ago
I see, that makes sense. Thank you.