Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Using port 80 causes a fail on kind with rootless podman #542

Open
cardil opened this issue Oct 8, 2024 · 2 comments
Open

Using port 80 causes a fail on kind with rootless podman #542

cardil opened this issue Oct 8, 2024 · 2 comments
Labels
kind/bug Categorizes issue or PR as related to a bug. triage/accepted Issues which should be fixed (post-triage)

Comments

@cardil
Copy link

cardil commented Oct 8, 2024

When using Kind on rootless Podman, which may run as a regular user, the quickstart fails with:

$ kn quickstart kind                                                                                               
Running Knative Quickstart using Kind
✅ Checking dependencies...
    Kind version is: 0.24.0

A local registry is no longer created by default.
    To create a local registry, use the --registry flag.

☸ Creating Kind cluster...
using podman due to KIND_EXPERIMENTAL_PROVIDER
enabling experimental podman provider
Creating cluster "knative" ...
 ✓ Ensuring node image (kindest/node:v1.30.0) 🖼
 ✗ Preparing nodes 📦  
Deleted nodes: ["knative-control-plane"]
ERROR: failed to create cluster: command "podman run --name knative-control-plane --hostname knative-control-plane --label io.x-k8s.kind.role=control-plane --privileged --tmpfs /tmp --tmpfs /run --volume 3458f5afd21deb49034bd7240a4097e127b378dd72d46b0e1ac28fb4ffa09ba2:/var:suid,exec,dev --volume /lib/modules:/lib/modules:ro -e KIND_EXPERIMENTAL_CONTAINERD_SNAPSHOTTER --detach --tty --net kind --label io.x-k8s.kind.cluster=knative -e container=podman --cgroupns=private --volume /dev/mapper:/dev/mapper --device /dev/fuse --publish=0.0.0.0:80:31080/tcp --publish=127.0.0.1:40937:6443/tcp -e KUBECONFIG=/etc/kubernetes/admin.conf docker.io/kindest/node:v1.30.0" failed with error: exit status 126
Command Output: Error: rootlessport cannot expose privileged port 80, you can add 'net.ipv4.ip_unprivileged_port_start=80' to /etc/sysctl.conf (currently 1024), or choose a larger port number (>= 1024): listen tcp 0.0.0.0:80: bind: permission denied
Error: creating cluster: existing cluster: new cluster: kind create: piping output: exit status 1
Usage:
  kn-quickstart kind [flags]

Flags:
      --extraMountContainerPath string   set the extraMount containerPath on Kind quickstart cluster
      --extraMountHostPath string        set the extraMount hostPath on Kind quickstart cluster
  -h, --help                             help for kind
      --install-eventing                 install Eventing on quickstart cluster
      --install-serving                  install Serving on quickstart cluster
  -k, --kubernetes-version string        kubernetes version to use (1.x.y) or (kindest/node:v1.x.y)
  -n, --name string                      kind cluster name to be used by kn-quickstart (default "knative")
      --registry                         install registry for Kind quickstart cluster

creating cluster: existing cluster: new cluster: kind create: piping output: exit status 1
Error: exit status 1

This is caused by enforced use of port number 80. Ports <1024 are reserved for root user. Some higher port should be used, like 8080. Also, some configuration option would be handy, as even the 8080 port could be in use, and a user might want to choose different port instead.

kn-plugin-quickstart/pkg/kind/kind.go

Line 389 in 071211e

hostPort: 80`, clusterName, kubernetesVersion, extraMount)

@cardil
Copy link
Author

cardil commented Oct 8, 2024

/kind bug

@knative-prow knative-prow bot added the kind/bug Categorizes issue or PR as related to a bug. label Oct 8, 2024
@psschwei
Copy link
Contributor

psschwei commented Oct 9, 2024
edited
Loading

/triage accepted

xref #540 (comment)

@knative-prow knative-prow bot added the triage/accepted Issues which should be fixed (post-triage) label Oct 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug. triage/accepted Issues which should be fixed (post-triage)
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@cardil @psschwei