I am trying to get networking working with rootless containers using podman. Getting either external networking or internal networking up and running is not the issue. Using the --network option, containers are able to see each other. However, ping 8.8.8.8 does not work. When starting containers without --network or with --network=slirp4netns, ping 8.8.8.8 does work as expected. Of course, in the latter case there is no internal networking. What I think this tells me is that the host is not blocking external access from within containers. The issue that I am facing is that I seem to be unable to get both internal and external networking working within containers at the same time.
> podman network ls
NETWORK ID    NAME           VERSION  PLUGINS
2f259bab93aa  podman         0.4.0    bridge,portmap,firewall,tuning
6129a34887d3  container-net  0.4.0    bridge,portmap,firewall,tuning,dnsname
I am starting containers like so:
podman pod create \
--network container-net \
--network-alias test-pod \
--hostname test-01 \
--name test-pod
Contents of start-test.sh:
podman run --rm -it \
--pod test-pod \
--network=container-net \
--dns-search dns.podman \
--name test-01 \
--network-alias test-01 \
docker.io/alpine /bin/sh
> ./start-test.sh
/ # ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
^C
--- 8.8.8.8 ping statistics ---
5 packets transmitted, 0 packets received, 100% packet loss
> podman --version
podman version 3.3.1
I have also checked that SELinux is not the cause by testing with: setenforce 0
Is it possible to get both internal and external networking working within containers and if so, what does one need to do?
The issue I was having was not related to any configuration. As it turned out, after having removed all podman-created networks, rebooting the machine and recreating the networks I needed, the containers behave as expected, i.e. internal and external networking are working.