Usage:
```
minikube config set rootless true
minikube start --driver=podman --container-runtime=(cri-o|containerd)`
```
Tested on Podman 4.0.2, Ubuntu 21.10.
Needs cgroup v2 (as in Rootless Docker): https://rootlesscontaine.rs/getting-started/common/cgroup2/
See also `site/content/en/docs/drivers/includes/podman_usage.inc`
Fix issue 8719
Fix issue 12460
Replace PR 12901
Changes from PR 12901: `rootless` is now a config property.
In the previous PR, `--rootless` was implemented as a flag for `minikube start`
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
The "minikube" network was not deleted due to the breaking change of
`podman network inspect` in Podman v4.
Fix issue 13861
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
minikube 1.23 (PR 12359) added fuse-overlayfs snapshotter for rootless Docker driver,
but got broken in minikube 1.25 (issue 13534).
We can drop fuse-overlayfs for kernel >= 5.11.
Fix issue 13534
We may add back fuse-overlayfs later if there is a huge demand to
support kernel < 5.11.
That will require packing preloadable tarballs for fuse-overlayfs
snapshotter.
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Print additional info about preserving kicbase image and generates
image deletion command for user when running `minikube delete`.
Message is printed only when `--purge` option is used.
Requirements:
- Install rootless Docker 20.10 or later, see https://rootlesscontaine.rs/getting-started/docker/
- Enable cgroup v2 delegation, see https://rootlesscontaine.rs/getting-started/common/cgroup2/
Usage: `minikube start --driver=docker --container-runtime=containerd`.
The `--container-runtime` flag needs to be set to "containerd".
CRI-O can be also supported later.
Closes issue 10836 ("add support for rootless Docker").
Support for rootless Podman (issue 8719) is not covered in this commit.
---
Code reading guide:
- `deploy/kicbase/Dockerfile`: updated to install fuse-overlayfs and containerd-fuse-overlayfs, which is used
instead of `overlayfs` snapshotter
- `deploy/kicbase/entrypoint`: updated to verify cgroup v2 delegation.
Mostly from 8a83ee46b2/images/base/files/usr/local/bin/entrypoint
- `cmd/minikube/cmd/start_flags.go`: updated to set `KubeletInUserNamespace` feature gate when rootless
- `pkg/drivers/kic/oci`: updated to use port forwarding, because rootless container IPs are not reachable from the host
- `pkg/minikube/cruntime`: updated to generate `/etc/containerd/config.toml` with rootless support.
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Steven Powell
Steven Powell
Rahil Patel
Kian-Meng Ang
Kevin Grigorenko
Alex Andrews
Pablo Caderno
Akihiro Suda
Medya Gh
Piotr Resztak
hetong07
Medya Ghazizadeh
Anders F Björklund
Kent Iso
Priya Wadhwa
Ilya Zuyev
Nick Kubala
Priya Modali
Sharif Elgamal
Thomas Stromberg