Installation Podman
Install Podman
https://podman.io/getting-started/installation
Also make sure that slirp4netns is installed. This will be helpful to run in rootless mode:
yum install slirp4netns podman -y
Rootless Mode
Increase user namespaces
As admin, increase the number of user namespaces in the kernel by writing the following to the userns.conf file:
sudo echo "user.max_user_namespaces=28633" > /etc/sysctl.d/userns.conf
In case this command does not work (the redirection is performed by your own shell, not by sudo), try the following:
sudo bash -c "echo user.max_user_namespaces=28633 > /etc/sysctl.d/userns.conf"
Create a new user account (optional)
In case there's no rootless user account, let's create one as admin:
sudo useradd -c "User Name" username
sudo passwd username
(Insert a password for the new user.) Run
ssh username@localhost
to log in as the newly created user.
Upgrade user to rootless mode
Increase the number of user and group IDs that the user can use for containers.
echo "username:200000:65536" >> /etc/subuid
echo "username:200000:65536" >> /etc/subgid
In case these commands don't work, use:
sudo bash -c "echo username:200000:65536 >> /etc/subuid"
sudo bash -c "echo username:200000:65536 >> /etc/subgid"
Result should be something similar to the following image

To check if user rootless configuration is set up, do
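
The fixed range 200000:65536 appended above can intersect a range another account already holds, or end up in the file twice if the step is repeated. The following check for that is an added example, not a command from the original page; the function name subid_audit and the sample accounts alice and bob are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original page: audit a subuid/subgid-style file.
# Each line is name:start:count. Intersecting ranges map two accounts'
# container users onto the same host IDs.

# subid_audit FILE USER
# Prints one finding per line. Returns 0 when USER has an entry and no other
# line intersects it, 1 otherwise.
subid_audit() {
    awk -F: -v u="$2" '
        /^[ \t]*$/ { next }                              # ignore blank lines
        NF != 3 || $2 !~ /^[0-9]+$/ || $3 !~ /^[0-9]+$/ {
            print "malformed: line " NR; rc = 1; next
        }
        { n++; who[n] = $1; lo[n] = $2 + 0; hi[n] = $2 + $3 - 1; ln[n] = NR }
        END {
            for (i = 1; i <= n; i++) {
                if (who[i] != u) continue
                found = 1
                for (j = 1; j <= n; j++) {
                    # skip self and ranges that do not intersect
                    if (j == i || lo[j] > hi[i] || hi[j] < lo[i]) continue
                    # report a pair of the same user only once
                    if (who[j] == u && j < i) continue
                    kind = (who[j] == u) ? "duplicate" : "overlap"
                    printf "%s: line %d (%s) intersects line %d (%s)\n",
                        kind, ln[i], who[i], ln[j], who[j]
                    rc = 1
                }
            }
            if (!found) { print "missing: no entry for " u; rc = 1 }
            exit rc + 0
        }' "$1"
}

# Constructed sample: "username" appended twice and "bob" overlapping it.
sample=$(mktemp)
printf '%s\n' 'alice:100000:65536' 'username:200000:65536' \
    'bob:231072:65536' 'username:200000:65536' > "$sample"
subid_audit "$sample" username || echo "resolve the findings above first"
rm -f "$sample"
# On a host: subid_audit /etc/subuid username; subid_audit /etc/subgid username
```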

.env file
To have access, the .env file should contain at least the following:
PROD_MONGO_DB_URL=mongodb://127.0.0.1:27017/polygon-test
PROD_PORT=8030
PROD_BODY_LIMIT=20mb
PROD_API_VERSION=1.0
PROD_API_BASE_URL=http://localhost
PROD_MONGO_DEBUG=true
SIGN_MICROSERVICE_URL=
SIGN_MICROSERVICE_PORT=
PROXY_URL=
PROXY_PORT=
PROXY_USER=
PROXY_PWD=
NODE_ENV=production
The port registered in PROD_API_BASE_URL is the port where the image is going to run.
PROD_MONGO_DB_URL (required): Mongo DB URL. Ex: mongodb://user:password@localhost:27010/biometrid
PROD_PORT (required): Port where app will listen inside of the docker image. Ex: 8030
PROD_BODY_LIMIT: Limit the incoming body payload. Ex: 100kb
PROD_API_VERSION: API Version
PROD_API_BASE_URL (required): API endpoint URL. Ex: https://api.biometrid.com
PROD_MONGO_DEBUG: Enable Mongo DB query logs. Ex: true or false
SIGN_MICROSERVICE_URL: Polygon URL for signature micro service. Ex: http://localhost
SIGN_MICROSERVICE_PORT: Polygon port for signature micro service. Ex: 8090
PROXY_URL: URL for external micro service.
PROXY_PORT: Port for external micro service.
PROXY_USER: User for external micro service.
PROXY_PWD: Password for external micro service.
NODE_ENV: Required with 'production' value.
ports (required): Map the host machine port to the internal docker port. Ex: 8080:8030
Run Image
The image can be run in multiple ways. The following one uses the image ID (a398fa6f8a5b).
podman run -d --env-file=pod.env --network host a398fa6f8a5b
As an alternative, run the image by providing its name.
podman run -d --env-file=pod.env --network host polygoninnovation/biometrid
Common problems
"Running in no deamon mode"
When trying to run the image with podman run, there is a single pm2 log line saying "Running in no deamon mode". This problem may overload the machine with requests in a loop and cause it to crash.
This can be caused by user IDs and permissions. It is essential to create a new rootless user and have the podman image belong to that user instead of changing ownership by command, which may cause problems with user IDs and thus this problem.
To fix it, change the SELinux status from enforcing to permissive or disabled by running setenforce Permissive. Run sestatus to check that the status was changed.
This will solve the problem, but it's just a temporary fix, as permissive mode stops SELinux from enforcing its policy on the whole host. The best way is to create a new user and have the podman image belong to that user.