From mboxrd@z Thu Jan  1 00:00:00 1970
Authentication-Results: passt.top; dmarc=none (p=none dis=none) header.from=gibson.dropbear.id.au
Authentication-Results: passt.top;
	dkim=pass (2048-bit key; secure) header.d=gibson.dropbear.id.au header.i=@gibson.dropbear.id.au header.a=rsa-sha256 header.s=202408 header.b=op55hJ23;
	dkim-atps=neutral
Received: from mail.ozlabs.org (gandalf.ozlabs.org [150.107.74.76])
	by passt.top (Postfix) with ESMTPS id 8D2475A004E
	for <passt-user@passt.top>; Thu, 19 Sep 2024 04:25:21 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gibson.dropbear.id.au; s=202408; t=1726712717;
	bh=Ccpcj2OSYeOMnd20IUSAC4HXfQzxBNYqTZsYppteipo=;
	h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
	b=op55hJ23VqqsNIx+9MuWoxjifvxJgIXV/M5QTwgDnsHOI0lZoaWBxlPVa0slwEJ2R
	 72T/aII1XDFcG2xXCkXvHA/Wb54cQlcKqFzv5nAUtTYO12K/sXOvWdulMuwZjRt6cE
	 jZc0Bwa0QjxxrN4TE2mbpE4D+4OGrgWpF/nLR02Y6Ne1VunrxtTgnQqaeA70a8/ATU
	 rRWe7vjg1OHDVH+WwfUQ5xK8CDe/DHVeiVX7/x7TRbjyN+4VnSgJ/VkOMo88MIfFHM
	 zwSEcUx/s2ZhT37aDYWdPRULRvrDMXiQ+wIEv843YHkZRJIfo25nMBzEw/SuzKZUPH
	 mKsb/k2+JGjGQ==
Received: by gandalf.ozlabs.org (Postfix, from userid 1007)
	id 4X8K9n1dYRz4xQb; Thu, 19 Sep 2024 12:25:17 +1000 (AEST)
Date: Thu, 19 Sep 2024 12:15:51 +1000
From: David Gibson <david@gibson.dropbear.id.au>
To: "Castelli, Anton" <anton.castelli@siu.edu>
Subject: Re: Rootless Podman with VRRP
Message-ID: <ZuuJV8p3jTUp2m67@zatzit.fritz.box>
References: <172649928722.151934.9874324737582181440@maja>
 <ZujWpPGEOnw53OA7@zatzit.fritz.box>
 <SA1PR07MB87384D729F3FC0543F54BF4392612@SA1PR07MB8738.namprd07.prod.outlook.com>
 <ZuolxLJtJuUg8R6K@zatzit.fritz.box>
 <Zuo3cuE8WRlOzhBP@zatzit.fritz.box>
 <SA1PR07MB87382333E58D662293E51E0B92622@SA1PR07MB8738.namprd07.prod.outlook.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature"; boundary="zPf0M5giwoUeLA9E"
Content-Disposition: inline
In-Reply-To: <SA1PR07MB87382333E58D662293E51E0B92622@SA1PR07MB8738.namprd07.prod.outlook.com>
Message-ID-Hash: YCVAM7T2X6BVROZXWVMGGEPRFDM6N3V7
X-Message-ID-Hash: YCVAM7T2X6BVROZXWVMGGEPRFDM6N3V7
X-MailFrom: dgibson@gandalf.ozlabs.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "passt-user@passt.top" <passt-user@passt.top>
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: "For passt users: support, questions and answers" <passt-user.passt.top>
Archived-At: <https://archives.passt.top/passt-user/ZuuJV8p3jTUp2m67@zatzit.fritz.box/>
Archived-At: <https://passt.top/hyperkitty/list/passt-user@passt.top/message/YCVAM7T2X6BVROZXWVMGGEPRFDM6N3V7/>
List-Archive: <https://archives.passt.top/passt-user/>
List-Archive: <https://passt.top/hyperkitty/list/passt-user@passt.top/>
List-Help: <mailto:passt-user-request@passt.top?subject=help>
List-Owner: <mailto:passt-user-owner@passt.top>
List-Post: <mailto:passt-user@passt.top>
List-Subscribe: <mailto:passt-user-join@passt.top>
List-Unsubscribe: <mailto:passt-user-leave@passt.top>


--zPf0M5giwoUeLA9E
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Sep 18, 2024 at 07:29:09PM +0000, Castelli, Anton wrote:
> David,
>=20
> Yes, that one instance was a mistake when I was anonymizing the
> IPs. Sorry for the confusion.
>=20
> Following your suggestion, I was able to set the sysctl value
> 'net.ipv4.ip_nonlocal_bind=3D1'. After that, I was able to
> successfully start the rootless container on the secondary server
> (that did not have the VRRP IP). You were correct that pasta emitted
> a warning, but it started anyway.

Ok.

> With this workaround, I can now successfully start rootless
> containers on both the primary and secondary servers. The primary
> server responds to UDP queries on both its main IP address and the
> VRRP IP address. I tried a manual failover to the secondary server,
> which then also responds on the VRRP IP address in addition to its
> main IP address. Everything appears to be working as intended.

Superb!

> Thank you so much for taking the time to help find a workaround to
> this issue! I'll be updating the bug report with the details on the
> workaround in case anyone else runs into the issue.

Thanks for that.  We have a _lot_ of edge cases of varying obscurity
to sort out eventually; recording the details so they're not forgotten
is super helpful.

--=20
David Gibson (he or they)	| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you, not the other way
				| around.
http://www.ozlabs.org/~dgibson

--zPf0M5giwoUeLA9E
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEO+dNsU4E3yXUXRK2zQJF27ox2GcFAmbriUMACgkQzQJF27ox
2GfdlBAAn7mLHaA/eQyY0NiEkEC54XQBCXu6EJFrF4izm7ALuLEyswhopao+GYcz
1i1AeHvIrIiTlVXU4Uh6VuQSIKCanN6XdcBf0sYwqFtuRycxE940u+vuyyl7yGWg
4xIg0JI8mA8ZUBNRF6oSQE+UJy6LI1ODcwA/1CBENyNxtIyyaLxubzV8i5/6jgP8
/uMBNM8+Y1xUeYcn4t6eKhGF75FV80BcwoaS4UHXl5HD1iYZ1FYvcyfHh8CCHPaR
ay8ae/k+mkZxZl9grkuDS+IxbGbicSxje02+sj9Svp1eaMS79k+TR5EH6HeChCRL
5gzaP4SMPrL6lvxFTYRB8+99wh8RAPfycZZ57pAdvmJ5UFbmi6n7y1FIBR13F/oN
uLNh6DnsxIt/Gq3hNXL59VncOI8R1cAmp5FMnrfckbyBiYPoWFZvPFnpzQP8FAAL
Uev/6gBAmZddv+KDqw7qwvMnASKrQ4AWWzJNER2LFJnd0DVoxMHnHzdOrNLSirMo
R68iws3LZ/tfEqjlMpAzxPR/37x+c1XQdpgxrTIS8AmG1O6Ltl76kmkO92vtA11U
N1u0T2DPR66SelL/F3KfExjKtkSjzhS0KH5B1sOWyRqTDMvMu5aokMn9jTXS3nn4
Km8GEq8ApwOz3WeL0oD7UfwyTwNjihEIHZ8EyRTXA5Rma9eP7r4=
=VtV5
-----END PGP SIGNATURE-----

--zPf0M5giwoUeLA9E--