podman 5.0.3 fails now with message pasta failed with exit code 1: couldn't set IPv6 route(s) in guest: no route to host #22824
Description
Issue Description
This seems very similar to the closed issue from a couple months ago #22192.
My configuration was bit more complex as I'm running a few containers in a pod. The workaround from that was to use --net=pasta:-4 argument and that works for the containers that are not in the pod however, it doesn't work for the containers I try to run in a pod.
To simplify things I tried just doing the basics from that issue #22192.
So if I do
podman run --rm fedora:latest
The error is:
Error: pasta failed with exit code 1:
Couldn't set IPv6 route(s) in guest: No route to host
If I do:
podman run --net=pasta:-4 --rm fedora:latest
Then it works as expected. I'm having issues because this workaround doesn't work for running containers inside pods apparently but as I started troubleshooting since I can't run a simple container I figured it was easiest to troubleshoot that problem and fixing that will probably fix the container inside of a pod issue.
Steps to reproduce the issue
Steps to reproduce the issue
- Running up to date version of Manjaro
- installed podman v5.0.3
- installed passt v 2024-05-23-765eb0b-1
- Run the following command - podman run --rm fedora:latest
Describe the results you received
The container doesn't run and I receive the following error message:
Error: pasta failed with exit code 1:
Couldn't set IPv6 route(s) in guest: No route to host
Describe the results you expected
The expected result is for the container to run without any errors
podman info output
podman info --debug
host:
arch: amd64
buildahVersion: 1.35.4
cgroupControllers:
- memory
- pids
cgroupManager: systemd
cgroupVersion: v2
conmon:
package: /usr/bin/conmon is owned by conmon 1:2.1.11-1
path: /usr/bin/conmon
version: 'conmon version 2.1.10, commit: e21e7c85b7637e622f21c57675bf1154fc8b1866'
cpuUtilization:
idlePercent: 94.88
systemPercent: 0.61
userPercent: 4.5
cpus: 20
databaseBackend: boltdb
distribution:
distribution: manjaro
version: unknown
eventLogger: journald
freeLocks: 2045
hostname: DejaRaptor
idMappings:
gidmap:
- container_id: 0
host_id: 1000
size: 1
- container_id: 1
host_id: 100000
size: 65536
uidmap:
- container_id: 0
host_id: 1000
size: 1
- container_id: 1
host_id: 100000
size: 65536
kernel: 6.8.9-3-MANJARO
linkmode: dynamic
logDriver: journald
memFree: 2297589760
memTotal: 67126120448
networkBackend: netavark
networkBackendInfo:
backend: netavark
dns:
package: Unknown
package: /usr/lib/podman/netavark is owned by netavark 1.10.3-1
path: /usr/lib/podman/netavark
version: netavark 1.10.3
ociRuntime:
name: crun
package: /usr/bin/crun is owned by crun 1.15-1
path: /usr/bin/crun
version: |-
crun version 1.15
commit: e6eacaf4034e84185fd8780ac9262bbf57082278
rundir: /run/user/1000/crun
spec: 1.0.0
+SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +YAJL
os: linux
pasta:
executable: /usr/bin/pasta
package: /usr/bin/pasta is owned by passt 2024_05_23.765eb0b-1
version: |
pasta 2024_05_23.765eb0b
Copyright Red Hat
GNU General Public License, version 2 or later
<https://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
remoteSocket:
exists: false
path: /run/user/1000/podman/podman.sock
security:
apparmorEnabled: false
capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
rootless: true
seccompEnabled: true
seccompProfilePath: /etc/containers/seccomp.json
selinuxEnabled: false
serviceIsRemote: false
slirp4netns:
executable: /usr/bin/slirp4netns
package: /usr/bin/slirp4netns is owned by slirp4netns 1.3.0-1
version: |-
slirp4netns version 1.3.0
commit: 8a4d4391842f00b9c940bb8f067964427eb0c964
libslirp: 4.7.0
SLIRP_CONFIG_VERSION_MAX: 4
libseccomp: 2.5.5
swapFree: 0
swapTotal: 0
uptime: 46h 23m 59.00s (Approximately 1.92 days)
variant: ""
plugins:
authorization: null
log:
- k8s-file
- none
- passthrough
- journald
network:
- bridge
- macvlan
- ipvlan
volume:
- local
registries: {}
store:
configFile: /home/craig/.config/containers/storage.conf
containerStore:
number: 2
paused: 0
running: 1
stopped: 1
graphDriverName: overlay
graphOptions: {}
graphRoot: /home/craig/.local/share/containers/storage
graphRootAllocated: 2014790946816
graphRootUsed: 722278821888
graphStatus:
Backing Filesystem: extfs
Native Overlay Diff: "true"
Supports d_type: "true"
Supports shifting: "false"
Supports volatile: "true"
Using metacopy: "false"
imageCopyTmpDir: /var/tmp
imageStore:
number: 66
runRoot: /run/user/1000/containers
transientStore: false
volumePath: /home/craig/.local/share/containers/storage/volumes
version:
APIVersion: 5.0.3
Built: 1715595915
BuiltTime: Mon May 13 03:25:15 2024
GitCommit: d08315df35cb6e95f65bf3935f529295c6e54742-dirty
GoVersion: go1.22.3
Os: linux
OsArch: linux/amd64
Version: 5.0.3Podman in a container
No
Privileged Or Rootless
Rootless
Upstream Latest Release
Yes
Additional environment details
Manjaro 24.0.0 with all updates up to 2024-5-18 update installed
Everything was working prior to this update using podman v5.0.2 and passt v2024-04-26 along with various older versions (I've been running this particular set of containers and pods for almost 2 years now).
pacman -Qii podman
Name : podman
Version : 5.0.3-1
Description : Tool and library for running OCI-based containers in pods
Architecture : x86_64
URL : https://github.com/containers/podman
Licenses : Apache-2.0
Groups : None
Provides : None
Depends On : catatonit conmon containers-common crun gcc-libs glibc iptables device-mapper libdevmapper.so=1.02-64 gpgme libgpgme.so=11-64
libseccomp libseccomp.so=2-64 passt
Optional Deps : apparmor: for AppArmor support [installed]
btrfs-progs: support btrfs backend devices [installed]
cni-plugins: for an alternative container-network-stack implementation
fuse-overlayfs: for storage driver in rootless environment
slirp4netns: for alternative rootless network support [installed]
podman-compose: for docker-compose compatibility
podman-docker: for Docker-compatible CLI
Required By : None
Optional For : None
Conflicts With : None
Replaces : None
Installed Size : 76.95 MiB
Packager : David Runge dvzrv@archlinux.org
Build Date : Mon 13 May 2024 03:25:15 AM PDT
Install Date : Sat 25 May 2024 09:18:35 PM PDT
Install Reason : Explicitly installed
Install Script : No
Validated By : Signature
Backup Files : None
Extended Data : pkgtype=split
pacman -Qii passt
Name : passt
Version : 2024_05_23.765eb0b-1
Description : Plug A Simple Socket Transport
Architecture : x86_64
URL : https://passt.top/passt/about/
Licenses : BSD-3-Clause GPL-2.0-or-later
Groups : None
Provides : None
Depends On : glibc
Optional Deps : sh: for demo script [installed]
Required By : podman
Optional For : None
Conflicts With : None
Replaces : None
Installed Size : 425.72 KiB
Packager : David Runge dvzrv@archlinux.org
Build Date : Thu 23 May 2024 02:32:01 PM PDT
Install Date : Sat 25 May 2024 09:18:16 PM PDT
Install Reason : Installed as a dependency for another package
Install Script : No
Validated By : Signature
Backup Files : None
Extended Data : pkgtype=pkg
Additional information
Just let me know if I can provide any other details. I don't really work with containers daily and I set all of this up almost 2 years ago and it has worked flawlessly until now. So I'm having to refresh myself on things but I do have the original commands I used to create the pods, containers and then the systemd .service files I use to currently launch everything. For right now I can only run the containers that are no inside of a pod by adding the --net=pasta:-4 argument to them. Adding that argument to containers that are trying to start inside a pod just fails with
ERRO[0000] Starting some container dependencies
ERRO[0000] "pasta failed with exit code 1:\nCouldn't set IPv6 route(s) in guest: No route to host\n"
That is the same error message with or without the --net=pasta:-4 argument