Rootless container in Podman and creating a private container registry with Linode
I have been struggling for the past 2 days to get rootless containers working with Ubuntu and UFW enabled. UFW seems to be blocking the traffic to my containers (IP tables not being updated???). Everything works fine in Fedora when the same Kubernetes YAML is used and the firewall is enabled. Any input would be appreciated.
A system user needs root access to modify iptables directly, so rootless podman can't automatically write iptables rules. Might need to access the host's firewall and open the ports up manually.
Maybe Fedora gives rootless podman special access to podman is a RHEL brainchild? In normal conditions, rootless podman has limitations, but firewall access isn't mentioned.
ufw(8) is just a friendly™ Ubuntu-only front-end for iptables(8). Everything you can do with ufw(8) you can do with iptables(8) directly.
You can turn off iptables(8) and set up firewalld(1) on other distros besides RHEL. firewalld(1) is a supported package on both Debian & Ubuntu. See: