containers/ansible-podman-collections

podman_container: pasta network breaks idempotency

2b opened this issue · 0 comments

2b commented

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind bug

Description

When using pasta network for podman_container, the container gets recreated on every run even when there were no changes.

Steps to reproduce the issue:

The following runs fine and doesn't re-create the container if it already exists:

- name: Create Nginx container
  containers.podman.podman_container:
    name: nginx
    image: nginx:1.25-alpine
    network: 
      - "slirp4netns:port_handler=slirp4netns"

But the following re-creates the container on every run even when it already exists:

- name: Create Nginx container
  containers.podman.podman_container:
    name: nginx
    image: nginx:1.25-alpine
    network: 
      - "pasta:-4,-t,80,-t,443,-u,443,-T,3000"

The same behavior is reproducible using just "pasta" without any options.

Describe the results you received:

Describe the results you expected:

Additional information you deem important (e.g. issue happens only occasionally):

Version of the containers.podman collection:
Either git commit if installed from git: git show --summary
Or version from ansible-galaxy if installed from galaxy: ansible-galaxy collection list | grep containers.podman

containers.podman                        1.11.0

Output of ansible --version:

ansible [core 2.16.3]
...
python version = 3.11.8 (main, Feb  6 2024, 21:21:21) [GCC 13.2.0]
jinja version = 3.1.3
libyaml = True

Output of podman version:

Client:       Podman Engine
Version:      4.9.3
API Version:  4.9.3
Go Version:   go1.21.7
Built:        Thu Feb 22 16:54:00 2024
OS/Arch:      linux/amd64

Output of podman info --debug:

host:
  arch: amd64
  buildahVersion: 1.33.5
  cgroupControllers:
  - cpu
  - memory
  - pids
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:
    package: conmon-2.1.10-1.2.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.1.10, commit: unknown'
  cpuUtilization:
    idlePercent: 99.43
    systemPercent: 0.19
    userPercent: 0.38
  cpus: 4
  databaseBackend: sqlite
  distribution:
    distribution: opensuse-microos
    version: "20240227"
  eventLogger: journald
  freeLocks: 2044
  hostname: host
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
  kernel: 6.7.6-1-default
  linkmode: dynamic
  logDriver: journald
  memFree: 2834034688
  memTotal: 4110884864
  networkBackend: netavark
  networkBackendInfo:
    backend: netavark
    dns:
      package: aardvark-dns-1.10.0-1.2.x86_64
      path: /usr/libexec/podman/aardvark-dns
      version: aardvark-dns 1.10.0
    package: netavark-1.10.3-1.1.x86_64
    path: /usr/libexec/podman/netavark
    version: netavark 1.10.3
  ociRuntime:
    name: crun
    package: crun-1.14-1.3.x86_64
    path: /usr/bin/crun
    version: |-
      crun version 1.14
      commit: 667e6ebd4e2442d39512e63215e79d693d0780aa
      rundir: /run/user/1000/crun
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +LIBKRUN +WASM:wasmedge +YAJL
  os: linux
  pasta:
    executable: /usr/bin/pasta
    package: passt-0~git20230823-1.22.x86_64
    version: |
      pasta unknown version
      Copyright Red Hat
      GNU Affero GPL version 3 or later <https://www.gnu.org/licenses/agpl-3.0.html>
      This is free software: you are free to change and redistribute it.
      There is NO WARRANTY, to the extent permitted by law.
  remoteSocket:
    exists: false
    path: /run/user/1000/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /etc/containers/seccomp.json
    selinuxEnabled: true
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: slirp4netns-1.2.3-1.1.x86_64
    version: |-
      slirp4netns version 1.2.3
      commit: unknown
      libslirp: 4.7.0
      SLIRP_CONFIG_VERSION_MAX: 5
      libseccomp: 2.5.5
  swapFree: 0
  swapTotal: 0
  uptime: 3h 24m 34.00s (Approximately 0.12 days)
  variant: ""
plugins:
  authorization: null
  log:
  - k8s-file
  - none
  - passthrough
  - journald
  network:
  - bridge
  - macvlan
  - ipvlan
  volume:
  - local
registries:
  search:
  - registry.opensuse.org
  - registry.suse.com
  - docker.io
store:
  configFile: /home/user/.config/containers/storage.conf
  containerStore:
    number: 3
    paused: 0
    running: 3
    stopped: 0
  graphDriverName: overlay
  graphOptions: {}
  graphRoot: /home/user/.local/share/containers/storage
  graphRootAllocated: 31525322752
  graphRootUsed: 922431488
  graphStatus:
    Backing Filesystem: extfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
    Supports shifting: "false"
    Supports volatile: "true"
    Using metacopy: "false"
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 4
  runRoot: /run/user/1000/containers
  transientStore: false
  volumePath: /home/user/.local/share/containers/storage/volumes
version:
  APIVersion: 4.9.3
  Built: 1708610040
  BuiltTime: Thu Feb 22 16:54:00 2024
  GitCommit: ""
  GoVersion: go1.21.7
  Os: linux
  OsArch: linux/amd64
  Version: 4.9.3

Package info (e.g. output of rpm -q podman or apt list podman):

Repository     : openSUSE-Tumbleweed-Oss
Name           : podman
Version        : 4.9.3-2.1
Arch           : x86_64
Vendor         : openSUSE
Installed Size : 49.5 MiB
Installed      : Yes (automatically)
Status         : up-to-date
Source package : podman-4.9.3-2.1.src

Playbook you run with ansible (e.g. content of playbook.yaml):

(paste your output here)

Command line and output of ansible run with high verbosity

Please NOTE: if you submit a bug about idempotency, run the playbook with --diff option, like:

ansible-playbook -i inventory --diff -vv playbook.yml

TASK [Create Nginx container] ******************************************************************
--- before
+++ after
@@ -1 +1 @@
-network - []
+network - ['pasta:-4,-t,80,-t,443,-u,443,-T,3000']

Additional environment details (AWS, VirtualBox, physical, etc.):