Re: Running docker containers with podman (on NetBSD!)

[Leonardo Taccari <leot%NetBSD.org@localhost>]

coypu%sdf.org@localhost writes:
> Hi all,
>

Hello coypu!

> I added a package to pkgsrc called Podman.
> It's a tool for running OCI containers, and it has the same command line
> behaviour as the docker command line argument.
>
> There are some selling points for it over docker, but the most important
> for us is the fact it has a mode where it spawns a Linux VM to talk to
> for you, so it runs on NetBSD!
>

That's really nice, thank you very much for working on it!

> One caveat is that NetBSD somewhat struggles running virtualized Linux
> by default. The virtualized ticks are just too slow, so it panics with:
>   Kernel panic - not syncing: IO-APIC + timer doesn't work! Boot with
>   apic=debug and send a report. Then try booting with the 'noapic' option.
>
> One way to work around it, convenient for this purpose, is to rebuild
> your kernel with "options HZ=1000" added, then you don't need to edit
> the command line arguments in the VM.
> [...]

I was tempted to try the other workaround, i.e. append `noapic'
directly at the boot but... that was a bit challenging! :)  So here all
the notes that I have collected.

 1. Download the image via:
     podman machine init
 2. After the image is downloaded and extracted SSH keys will be
    generated under ~/.ssh and there will be a Ignition config in
    ~/.config/containers/podman/machine/qemu/podman-machine-default.ign.
    In order to append `noapic' to the kernel arguments we need to
    adjust the following in podman-machine-default.ign:
	2a. Reindent the JSON to be a bit easier to edit, e.g. via
            `jq .'
	2b. Bump .ignition.version to "3.3.0" (it is "3.2.0")
	2c. At the end, after systemd object add a comma `,' and then
	    another JSON object:
                "kernelArguments": {
                  "shouldExist": ["noapic"]
                }
 3. Manually run the image via QEMU in order to initialize it via the
    ignite config so that `noapic' is appended.  Assuming we are in our
    home directory, e.g.:
     qemu-system-x86_64 -accel nvmm -nographic -m 1G -smp 1 \
	 -fw_cfg name=opt/com.coreos/config,file=.config/containers/podman/machine/qemu/podman-machine-default.ign \
         -drive if=virtio,file=.local/sif=virtio,file=.local/share/containers/podman/machine/qemu/podman-machine-default_fedora-coreos-34.20210821.1.1-qemu.x86_64.qcow2
 4. In GRUB press `e' in order to edit the boot entry.  In the kernel
    line append at the end `noapic' and press Ctrl-x to boot it
 5. The ignition config will be applied and it will reboot
 6. In GRUB press `c' and then `halt' in order to poweroff the machine
    (we're done!)
 7. Start the machine as usual via `podman machine start'