Document Podman limitations

[feloy]

What type of PR is this:

Document Podman limitations

Preview: https://deploy-preview-6653--odo-docusaurus-preview.netlify.app/docs/development/architecture/podman-support-limitations

/area documentation
What does this PR do / why we need it:

Which issue(s) this PR fixes:

Fixes #6592

PR acceptance criteria:

• Unit test

• Integration test

• Documentation

How to test changes / Special notes to the reviewer:

[netlify]

✅ Deploy Preview for odo-docusaurus-preview ready!

Name	Link
🔨 Latest commit	c49150d
🔍 Latest deploy log	https://app.netlify.com/sites/odo-docusaurus-preview/deploys/64180ae1bebc8300084125b3
😎 Deploy Preview	https://deploy-preview-6653--odo-docusaurus-preview.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site settings.

[odo-robot]

OpenShift Unauthenticated Tests on commit 9732f1a finished successfully.
View logs: TXT HTML

[odo-robot]

NoCluster Tests on commit 9732f1a finished successfully.
View logs: TXT HTML

[odo-robot]

Unit Tests on commit 9732f1a finished successfully.
View logs: TXT HTML

[odo-robot]

Validate Tests on commit 9732f1a finished successfully.
View logs: TXT HTML

[kadel]

This sounds like the document is describing limitation of the podman itself.

How about something like this:?

Suggested change

	title: Podman limitations
	title: Podman support limitations

[kadel]

It would be good to also mention that with Podman you have everything locally with much lower overhead (resources)

[feloy]

Good point, I'm adding it

[odo-robot]

Windows Tests (OCP) on commit 9732f1a finished successfully.
View logs: TXT HTML

[odo-robot]

Kubernetes Tests on commit 9732f1a finished with errors.
View logs: TXT HTML

[odo-robot]

OpenShift Tests on commit 9732f1a finished successfully.
View logs: TXT HTML

[odo-robot]

Kubernetes Docs Tests on commit 9816c14 finished successfully.
View logs: TXT HTML

[valaparthvi]

Maybe you can add a section here instead of directly starting with the limitations. Or convert the section "Commands working with Podman" to a normal list.

[valaparthvi]

This part is not very clear to me.

[rm3l]

I might have been biased when I read this as I worked on --forward-localhost, but just curious: what did you find not very clear?

[valaparthvi]

This will be necessary for the ports giving access to the application or

This. Does it mean that this will be necessary to allow application access on the certain ports?

This is the best choice for the Debug port, to restrict access to this Debug port.

What does it mean to restrict access to this debug port?

[rm3l]

This will be necessary for the ports giving access to the application or

This. Does it mean that this will be necessary to allow application access on the certain ports?

It is more about reaching the port opened by the application from the outside. If you want the port to be reachable from outside of the container/pod, the application needs to bind the port to 0.0.0.0 (or more specifically to an interface that is connected to an outside network).

This is the best choice for the Debug port, to restrict access to this Debug port.

What does it mean to restrict access to this debug port?

Same point, about not making this port accessible from outside of the container/pod. It is generally recommended to restrict access to this Debug port by not exposing it. So here we are saying that --forward-localhost allows users to reach such ports on Podman while still keeping them unreachable on the cluster.

[sonarcloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
0.0% Duplication

[rm3l]

LGTM.

/hold

@kadel @valaparthvi Anything else to add to this PR?

[rm3l]

• [FAILED] [0.776 seconds]
odo delete command tests [BeforeEach]
/go/odo_1/tests/integration/cmd_delete_test.go:25
  when a component is bootstrapped
  /go/odo_1/tests/integration/cmd_delete_test.go:160
    when the component is deployed in DEV mode and dev mode stopped
    /go/odo_1/tests/integration/cmd_delete_test.go:228
      when the component is deleted using its name (and namespace) from another directory (running-in="")
      /go/odo_1/tests/integration/cmd_delete_test.go:255
        when odo delete command is run again with nothing deployed on the cluster
        /go/odo_1/tests/integration/cmd_delete_test.go:292
          should output that there are no resources to be deleted
          /go/odo_1/tests/integration/cmd_delete_test.go:299

  Begin Captured GinkgoWriter Output >>
    Created dir: /tmp/3770631462
    Created dir: /tmp/3142201452
    Setting KUBECONFIG=/tmp/3142201452/config
    Creating a new project: cmd-delete-test299ueb
    Running kubectl with args [kubectl create namespace cmd-delete-test299ueb] and odo env: []
    [kubectl] Error from server (AlreadyExists): namespaces "cmd-delete-test299ueb" already exists
    Deleting project: cmd-delete-test670jna
    Running kubectl with args [kubectl delete namespaces cmd-delete-test670jna --wait=false] and odo env: []
    [kubectl] Error from server (NotFound): namespaces "cmd-delete-test670jna" not found
  << End Captured GinkgoWriter Output

  No future change is possible.  Bailing out early - after 0.443s.
  Running kubectl with args [kubectl create namespace cmd-delete-test299ueb] and odo env: []
  Expected
      <int>: 1
  to match exit code:
      <int>: 0
  In [BeforeEach] at: /go/odo_1/tests/helper/helper_cmd_wrapper.go:101

  There were additional failures detected after the initial failure.  Here's a summary - for full details run Ginkgo in verbose mode:
    [FAILED] in [AfterEach] at /go/odo_1/tests/helper/helper_cmd_wrapper.go:101

This is not the first time I stumbled upon this issue with namespaces/projects. Something to keep an eye on..

Overriding it for now since this is only a doc PR.

/override Kubernetes-Integration-Tests/Kubernetes-Integration-Tests

[openshift-ci]

@rm3l: Overrode contexts on behalf of rm3l: Kubernetes-Integration-Tests/Kubernetes-Integration-Tests

In response to this:

• [FAILED] [0.776 seconds]
odo delete command tests [BeforeEach]
/go/odo_1/tests/integration/cmd_delete_test.go:25
 when a component is bootstrapped
 /go/odo_1/tests/integration/cmd_delete_test.go:160
   when the component is deployed in DEV mode and dev mode stopped
   /go/odo_1/tests/integration/cmd_delete_test.go:228
     when the component is deleted using its name (and namespace) from another directory (running-in="")
     /go/odo_1/tests/integration/cmd_delete_test.go:255
       when odo delete command is run again with nothing deployed on the cluster
       /go/odo_1/tests/integration/cmd_delete_test.go:292
         should output that there are no resources to be deleted
         /go/odo_1/tests/integration/cmd_delete_test.go:299

 Begin Captured GinkgoWriter Output >>
   Created dir: /tmp/3770631462
   Created dir: /tmp/3142201452
   Setting KUBECONFIG=/tmp/3142201452/config
   Creating a new project: cmd-delete-test299ueb
   Running kubectl with args [kubectl create namespace cmd-delete-test299ueb] and odo env: []
   [kubectl] Error from server (AlreadyExists): namespaces "cmd-delete-test299ueb" already exists
   Deleting project: cmd-delete-test670jna
   Running kubectl with args [kubectl delete namespaces cmd-delete-test670jna --wait=false] and odo env: []
   [kubectl] Error from server (NotFound): namespaces "cmd-delete-test670jna" not found
 << End Captured GinkgoWriter Output

 No future change is possible.  Bailing out early - after 0.443s.
 Running kubectl with args [kubectl create namespace cmd-delete-test299ueb] and odo env: []
 Expected
     <int>: 1
 to match exit code:
     <int>: 0
 In [BeforeEach] at: /go/odo_1/tests/helper/helper_cmd_wrapper.go:101

 There were additional failures detected after the initial failure.  Here's a summary - for full details run Ginkgo in verbose mode:
   [FAILED] in [AfterEach] at /go/odo_1/tests/helper/helper_cmd_wrapper.go:101

This is not the first time I stumbled upon this issue with existing namespaces/projects. Something to keep an eye on..

Overriding it for now since this is only a doc PR.

/override Kubernetes-Integration-Tests/Kubernetes-Integration-Tests

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[valaparthvi]

LGTM.

/hold

@kadel @valaparthvi Anything else to add to this PR?

I am fine with merging this PR. Thank you for documenting this, Philippe.

[rm3l]

I am fine with merging this PR. Thank you for documenting this, Philippe.

/hold cancel