virtualisation.oci-containers option results in Error: failed to set the loopback adapter up: operation not permitted #30

protob · 2023-03-09T18:14:50Z

Hello,

Is it possible to use virtualisation.oci-containers.containers in extra-container?
I was trying to move my working setup of Hasura and Postres from configuration.nix to extra-container

Here is my config hasura.nix

{ config, pkgs, ... }:
let
  app = "hasura";
in
{
  containers.hasura = {
    config = {

      systemd.services.podman-create-pod = {
        serviceConfig.Type = "oneshot";
        wantedBy = [ "multi-user.target" ];
        script = ''
          ${pkgs.podman}/bin/podman pod exists hasura-pg || \

             ${pkgs.podman}/bin/podman pod create -n hasura-pg -p '127.0.0.1:8080:8080' --privileged 

        '';
      };

      virtualisation = {
        podman = {
          enable = true;
          # dockerCompat = true;
        };
        oci-containers = {
          backend = "podman";
        };
      };

      virtualisation.oci-containers.containers = {
        pg2 = {
          autoStart = true;
          image = "postgres:latest";
          # pod = "hasura-pod";
          # dependsOn = [ "podman-create-pod-postgres" ];
          environment = {
            POSTGRES_PASSWORD = "password";
            POSTGRES_USER = "postgres";
            POSTGRES_DB = "postgres";
          };
          volumes = [ "postgresql:/var/lib/postgresql/data" ];
        };
        hasura = {
          autoStart = true;
          image = "hasura/graphql-engine:latest";
          # pod = "hasura-pod";
          dependsOn = [ "pg2" ];
          ports = [ "8080:8080" ];
          environment = {
            HASURA_GRAPHQL_DATABASE_URL = "postgres://postgres:[email protected]:5432/postgres";
            HASURA_GRAPHQL_ENABLE_CONSOLE = "true";
          };
        };

      };

    };
  };
}

I run it with:

sudo extra-container create --start <<EOF
$(cat hasura.nix)
EOF

When i login to the container hasura with sudo extra-container root-login hasura

The command

 journalctl -u podman-hasura

logs:

[root@hasura:~]# journalctl -u podman-hasura
Mar 09 16:04:43 hasura systemd[1]: Starting podman-hasura.service...
Mar 09 16:04:43 hasura systemd[1]: Started podman-hasura.service.
Mar 09 16:04:43 hasura podman-hasura-start[324]: Resolving "hasura/graphql-engine" using unqualified-search registries (/etc/containers/registries.conf)
Mar 09 16:04:46 hasura podman-hasura-start[324]: Copying blob sha256:141b63796c223137e9ceed83507c78dd07c1e21b662c0dc45ef685345ad1e3ca
Mar 09 16:04:56 hasura podman-hasura-start[324]: Copying config sha256:c7e4959a8d1d0d105e07ef57bedc06dc061202942a3264e838188408b62dbee4
Mar 09 16:04:56 hasura podman-hasura-start[324]: Writing manifest to image destination
Mar 09 16:04:56 hasura podman-hasura-start[324]: Storing signatures
Mar 09 16:05:05 hasura podman-hasura-start[324]: Your kernel does not support pids limit capabilities or the cgroup is not mounted. PIDs limit discarded.
Mar 09 16:05:05 hasura podman[324]: 2023-03-09 16:04:43.580866159 +0100 CET m=+0.030200735 image pull  hasura/graphql-engine:latest
Mar 09 16:05:05 hasura podman[324]: 
Mar 09 16:05:05 hasura podman[324]: 2023-03-09 16:05:05.49684873 +0100 CET m=+21.946183305 container create 9608678a868dcf47a36c110aa2f402bddb4e3d6a2b20e77eadca889dec510233 (ima>
Mar 09 16:05:06 hasura podman[324]: 2023-03-09 16:05:06.166474247 +0100 CET m=+22.615808819 container remove 9608678a868dcf47a36c110aa2f402bddb4e3d6a2b20e77eadca889dec510233 (im>
Mar 09 16:05:06 hasura podman-hasura-start[324]: Error: failed to set the loopback adapter up: operation not permitted
Mar 09 16:05:06 hasura systemd[1]: podman-hasura.service: Main process exited, code=exited, status=126/n/a
Mar 09 16:05:07 hasura systemd[1]: podman-hasura.service: Failed with result 'exit-code'.
Mar 09 16:05:07 hasura systemd[1]: podman-hasura.service: Scheduled restart job, restart counter is at 1.
Mar 09 16:05:07 hasura systemd[1]: Stopped podman-hasura.service.
Mar 09 16:05:07 hasura systemd[1]: Starting podman-hasura.service...
Mar 09 16:05:08 hasura systemd[1]: Started podman-hasura.service.
Mar 09 16:05:08 hasura podman-hasura-start[688]: Your kernel does not support pids limit capabilities or the cgroup is not mounted. PIDs limit discarded.
Mar 09 16:05:08 hasura podman[688]: 2023-03-09 16:05:08.822942237 +0100 CET m=+0.634314512 image pull  hasura/graphql-engine:latest
Mar 09 16:05:09 hasura podman[688]: 
Mar 09 16:05:09 hasura podman[688]: 2023-03-09 16:05:09.506433369 +0100 CET m=+1.317805647 container create feb76f728323487104f2b074a6326c6e4d3dbd3f586e55c3d68e59895deebbfd (ima>
Mar 09 16:05:09 hasura podman[688]: 2023-03-09 16:05:09.55648194 +0100 CET m=+1.367854214 container remove feb76f728323487104f2b074a6326c6e4d3dbd3f586e55c3d68e59895deebbfd (imag>
Mar 09 16:05:09 hasura podman-hasura-start[688]: Error: failed to set the loopback adapter up: operation not permitted

I tried also other .oci-containers. and i got this error. Is it fixable or .oci-containers. are just not supported?
Thanks in advance.

The text was updated successfully, but these errors were encountered:

StacyWells75 · 2023-12-21T02:24:43Z

I would but u been pulling from my account and I get nothing so thought I'd look into further and when I start making something from all the image I'm done helping everyone else

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

virtualisation.oci-containers option results in Error: failed to set the loopback adapter up: operation not permitted #30

virtualisation.oci-containers option results in Error: failed to set the loopback adapter up: operation not permitted #30

protob commented Mar 9, 2023 •

edited

Loading

StacyWells75 commented Dec 21, 2023

virtualisation.oci-containers option results in Error: failed to set the loopback adapter up: operation not permitted #30

virtualisation.oci-containers option results in Error: failed to set the loopback adapter up: operation not permitted #30

Comments

protob commented Mar 9, 2023 • edited Loading

StacyWells75 commented Dec 21, 2023

protob commented Mar 9, 2023 •

edited

Loading