Will this reenable firewall rules/routing when puppet is run #4
Comments
|
The module does not address this issue. There is an open issue for this on the podman project - see: At this point there does not appear to be a good solution to the underlying problem. Possible work-arounds might be re-deploying containers after a firewall change, or limiting use of podman to systems where firewalld rules will be stable, but I don't care for either approach. If/when the upstream issue is addressed I can make any necessary changes to the module. |
|
sounds good, thank you. |
|
FYI, I had to re-work this module to get rootless containers working properly. In doing so I discovered that rootless containers are unable to create their own firewall rules. This means that while you can publish container ports from a rootless container, the host firewall must be managed separately to allow the inbound connections to published port(s). I'm wondering if this will avoid the issue with firewall rules from podman getting clobbered? |
I have the issue where firewalld is being restarted by puppet and the podman rules vanish, does this module get around that somehow (such as redeploying the container), or is that a known limitation?
The text was updated successfully, but these errors were encountered: