Podman memlock limits


I'm evaluating Fedora Silverblue as my main development OS. I'd be using it with other developers who will be using either macOS or other Linux distributions. I'll need to work with Docker containers.

Fedora comes with Podman as a rootless alternative to manage containers, and it's supposed to have exactly the same interface as Docker, so alias docker=podman should work.

I've also installed podman-compose to have the docker-compose experience. It all works great, but I am struggling with the following config to set up the ELK stack:

version: '3.3'
services:
  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:7.7.0
    container_name: elasticsearch
    ports:
      - 9200:9200
    environment:
      - discovery.type=single-node
    ulimits:
      memlock:
        soft: -1
        hard: -1
    networks:
      - elastic

  kibana:
    image: docker.elastic.co/kibana/kibana:7.7.0
    container_name: kibana
    ports:
      - 5601:5601
    environment:
      ELASTICSEARCH_URL: http://elasticsearch:9200
      ELASTICSEARCH_HOSTS: http://elasticsearch:9200
    networks:
      - elastic

networks:
  elastic:
    driver: bridge

While this works with Docker, it doesn't with Podman due to the following config:

ulimits:
  memlock:
    soft: -1
    hard: -1

I understand this works on Docker because it runs with high privileges and can set these limits to unlimited, but because Podman is rootless and I run Silverblue, these limits cannot be raised.

I've searched for how to increase the ulimit with Podman on Silverblue but couldn't find a way.

Are there any ways to increase these limits with Podman on Silverblue and make such docker-compose setup work with my system?

Best answer

If you run Podman as a rootless user, then you are not allowed to set the ulimits higher than what your session currently has.

If you need to set a higher ulimit, you need to either allow your user to have it (tweaking /etc/security/limits.conf) or run the container as root.
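
A pre-flight check for the constraint this answer describes, as an added example that is not part of the original answer: it compares the memlock value from a compose file with the session's hard limit and prints the limits.conf entry that would permit it. The function names are hypothetical; it assumes compose memlock values are in bytes and that the shell reports `ulimit -l` in KiB.

```shell
#!/usr/bin/env bash
# Added example (constructed): can this session's rootless Podman honour a
# compose "ulimits: memlock" request? Function names are hypothetical.

# "unlimited" and -1 both mean "no limit".
normalize_limit() {
    case "$1" in
        unlimited|-1) echo unlimited ;;
        *) echo "$1" ;;
    esac
}

# limit_fits REQUESTED_KIB HARD_KIB: succeeds if the request does not exceed
# the hard limit, i.e. an unprivileged process is allowed to ask for it.
limit_fits() {
    local req hard
    req=$(normalize_limit "$1")
    hard=$(normalize_limit "$2")
    if [ "$hard" = unlimited ]; then return 0; fi
    if [ "$req" = unlimited ]; then return 1; fi
    [ "$req" -le "$hard" ]
}

# check_memlock REQUESTED_BYTES: compose values are bytes, the shell reports
# "ulimit -l" in KiB, so round the request up to KiB before comparing.
check_memlock() {
    local req hard
    req=$(normalize_limit "$1")
    if [ "$req" != unlimited ]; then req=$(( (req + 1023) / 1024 )); fi
    hard=$(ulimit -H -l)
    if limit_fits "$req" "$hard"; then
        echo "ok: memlock request ($req) fits session hard limit ($hard)"
        return 0
    fi
    echo "denied: memlock request ($req) exceeds session hard limit ($hard KiB)"
    echo "entry for /etc/security/limits.conf (takes effect on a new login session):"
    # Grant only what was requested rather than always "unlimited".
    echo "  ${USER:-youruser} hard memlock $req"
    return 1
}

# Run as: ./check-memlock.sh -1   (the value from the compose file)
if [ $# -gt 0 ]; then check_memlock "$1"; fi
```

With the compose file from the question, the value to pass is `-1`, which only fits when the session's hard limit is already unlimited.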