Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Using nftables on a Windows WSL machine doesn't work #25201

Open
l0rd opened this issue Feb 3, 2025 · 0 comments
Open

Using nftables on a Windows WSL machine doesn't work #25201

l0rd opened this issue Feb 3, 2025 · 0 comments
Labels
kind/bug Categorizes issue or PR as related to a bug. machine windows issue/bug on Windows

Comments

@l0rd
Copy link
Member

l0rd commented Feb 3, 2025
edited
Loading

Issue Description

After updating to Fedora 41 and configuring the machine in rootful mode, running a container returns a netavark error:

# podman run hello
WARN[0000] Using cgroups-v1 which is deprecated in favor of cgroups-v2 with Podman v5 and will be removed in a future version. Set environment variable `PODMAN_IGNORE_CGROUPSV1_WARNING` to hide this warning.
internal:0:0-0: Error: Could not process rule: No such file or directory

internal:0:0-0: Error: Could not process rule: No such file or directory

Error: netavark: nftables error: nft did not return successfully while applying ruleset

Steps to reproduce the issue

Steps to reproduce the issue

  1. Build a WSL image based on Fedora 41 (for testing, I have built and pushed one to quay.io/mloriedo/machine-os-wsl:5.5-next)
  2. Init/Run a rootful machine using the Fedora 41 based image:
> podman machine init --image docker://quay.io/mloriedo/machine-os-wsl:5.5-next
> podman machine set --rootful
> podman machine start
> podman run hello

podman info output

Podman built from main branch running on Windows 11 with WSL v2.4.9.0 and Kernel v5.15.167.4-1

Additional information

Using a more recent version of the Kernel (v6.6.36) doesn't help.

Configuring podman to use iptables fixes the problem:

[network]
firewall_driver="iptables"
@l0rd l0rd added the kind/bug Categorizes issue or PR as related to a bug. label Feb 3, 2025
l0rd added a commit to l0rd/podman that referenced this issue Feb 3, 2025
@l0rd
Force use of iptables on Windows WSL
ee931c8 
This is a workaround for containers#25201 and helps with
upgrading the WSL image to Fedora 41.

Signed-off-by: Mario Loriedo <[email protected]>
@l0rd l0rd added windows issue/bug on Windows machine labels Feb 3, 2025
@l0rd l0rd mentioned this issue Feb 3, 2025
Open
l0rd added a commit to l0rd/podman that referenced this issue Feb 3, 2025
@l0rd
Force use of iptables on Windows WSL
dae1541 
This is a workaround for containers#25201 and helps with
upgrading the WSL image to Fedora 41.

Signed-off-by: Mario Loriedo <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug. machine windows issue/bug on Windows
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@l0rd