unsupported key 'Pod' in group 'Container' with podman 4.9

[jeancf]

Issue Description

I wanted to try the new support for pod generation with quadlet in podman 4.9.

I put together a .pod file and 2 .container files for a gitea server. I copied them over to /etc/containers/systemd and ran sudo systemctl daemon-reload. In journalctl I see:

Jan 25 21:23:15 archlinux-server quadlet-generator[2874]: converting "gitea-db.container": unsupported key 'Pod' in group 'Container' in >
                                                          converting "gitea-server.container": unsupported key 'Pod' in group 'Container'>

Steps to reproduce the issue

Steps to reproduce the issue

1. Create the following files:

gitea.pod

[Pod]
PodName=gitea
PodmanArgs=-p 3000:3000 -p 2222:2222

gitea-db.container

[Container]
ContainerName=gitea-db
Environment=POSTGRES_USER=gitea POSTGRES_PASSWORD=gitea POSTGRES_DB=gitea
Image=docker.io/postgres/postgres:latest
Volume=./postgres:/var/lib/postgresql/data
Pod=gitea.pod

[Service]
Restart=always

gitea-server.container

[Container]
ContainerName=gitea-server
Environment=GITEA__database__DB_TYPE=postgres GITEA__database__HOST=gitea-db:5432 GITEA__database__NAME=gitea GITEA__database__USER=gitea GITEA__database__PASSWD=gitea
Image=docker.io/gitea/gitea:latest
Volume=gitea-data:/var/lib/gitea
Volume=gitea-config:/etc/gitea
Volume=/etc/timezone:/etc/timezone:ro
Volume=/etc/localtime:/etc/localtime:ro
Pod=gitea.pod

[Service]
Restart=always

2. Copy these 3 files to /etc/containers/systemd/

3. Execute sudo systemctl daemon-reload

Describe the results you received

system log shows:

Jan 25 21:14:56 archlinux-server systemd[1]: Reloading...
Jan 25 21:14:56 archlinux-server quadlet-generator[2621]: converting "gitea-db.container": unsupported key 'Pod' in group 'Container' in >
                                                          converting "gitea-server.container": unsupported key 'Pod' in group 'Container'>
Jan 25 21:14:56 archlinux-server (sd-exec-[2873]: /usr/lib/systemd/system-generators/podman-system-generator failed with exit status 1.
Jan 25 21:14:57 archlinux-server systemd[1]: Reloading finished in 141 ms.

no .service file gets generated

Describe the results you expected

Service files get generated.

podman info output

host:
  arch: amd64
  buildahVersion: 1.33.3
  cgroupControllers:
  - cpu
  - memory
  - pids
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:
    package: /usr/bin/conmon is owned by conmon 1:2.1.10-1
    path: /usr/bin/conmon
    version: 'conmon version 2.1.10, commit: 2dcd736e46ded79a53339462bc251694b150f870'
  cpuUtilization:
    idlePercent: 99.55
    systemPercent: 0.21
    userPercent: 0.24
  cpus: 6
  databaseBackend: sqlite
  distribution:
    distribution: arch
    version: unknown
  eventLogger: journald
  freeLocks: 2037
  hostname: archlinux-server
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
  kernel: 6.7.1-arch1-1
  linkmode: dynamic
  logDriver: journald
  memFree: 2701987840
  memTotal: 4103794688
  networkBackend: netavark
  networkBackendInfo:
    backend: netavark
    dns:
      package: /usr/lib/podman/aardvark-dns is owned by aardvark-dns 1.10.0-1
      path: /usr/lib/podman/aardvark-dns
      version: aardvark-dns 1.10.0
    package: /usr/lib/podman/netavark is owned by netavark 1.10.1-1
    path: /usr/lib/podman/netavark
    version: netavark 1.10.1
  ociRuntime:
    name: crun
    package: /usr/bin/crun is owned by crun 1.14-1
    path: /usr/bin/crun
    version: |-
      crun version 1.14
      commit: 667e6ebd4e2442d39512e63215e79d693d0780aa
      rundir: /run/user/1000/crun
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +YAJL
  os: linux
  pasta:
    executable: ""
    package: ""
    version: ""
  remoteSocket:
    exists: false
    path: /run/user/1000/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /etc/containers/seccomp.json
    selinuxEnabled: false
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: /usr/bin/slirp4netns is owned by slirp4netns 1.2.2-1
    version: |-
      slirp4netns version 1.2.2
      commit: 0ee2d87523e906518d34a6b423271e4826f71faf
      libslirp: 4.7.0
      SLIRP_CONFIG_VERSION_MAX: 4
      libseccomp: 2.5.5
  swapFree: 2051534848
  swapTotal: 2051534848
  uptime: 0h 47m 10.00s
  variant: ""
plugins:
  authorization: null
  log:
  - k8s-file
  - none
  - passthrough
  - journald
  network:
  - bridge
  - macvlan
  - ipvlan
  volume:
  - local
registries:
  search:
  - docker.io
  - quay.io
store:
  configFile: /home/jeancf/.config/containers/storage.conf
  containerStore:
    number: 6
    paused: 0
    running: 0
    stopped: 6
  graphDriverName: overlay
  graphOptions: {}
  graphRoot: /home/jeancf/.local/share/containers/storage
  graphRootAllocated: 16640901120
  graphRootUsed: 3751636992
  graphStatus:
    Backing Filesystem: btrfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
    Supports shifting: "false"
    Supports volatile: "true"
    Using metacopy: "false"
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 7
  runRoot: /run/user/1000/containers
  transientStore: false
  volumePath: /home/jeancf/.local/share/containers/storage/volumes
version:
  APIVersion: 4.9.0
  Built: 1706014507
  BuiltTime: Tue Jan 23 13:55:07 2024
  GitCommit: f7c7b0a7e437b6d4849a9fb48e0e779c3100e337-dirty
  GoVersion: go1.21.6
  Os: linux
  OsArch: linux/amd64
  Version: 4.9.0

Podman in a container

No

Privileged Or Rootless

Privileged

Upstream Latest Release

Yes

Additional environment details

Tested in a QEMU virtual machine running Archlinux 6.7.1-arch1-1
QEMU emulator version 8.2.0

Additional information

No response

[LorbusChris]

Pod quadlet file support is on main/5.0 but not in podman 4.9 afaict, so I don't think this is a bug.

You can get podman 5 dev RPMs from https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/ and try with those.

[jeancf]

OK. I am confused because I read in #20762 (comment) that the feature missed the merge window for 4.8 and it "will be part of the next version". At the same time, I see that the feature is already documented on the man page https://docs.podman.io/en/latest/markdown/podman-systemd.unit.5.html including an example at the bottom.

[vrothberg]

Apologies, the Pod support has not been backported to the 4.8 branch which 4.9 is based on. The main development branch is already targetting 5.0. So @LorbusChris is on spot with this feature being available with 5.0 onwards.