Docs: Port explanation should explain case for containerized Fedora CoreOS installation #22503
Description
Describe the enhancement
I've followed your installation guide for CoreOS (with some adjustments for security, see #22500). However, that is unrelated.
Now I want to change the port, but I am unable, because the guide does not create/result in a systemd socket (cockpit.socket) being created like
# podman container runlabel --name cockpit-ws RUN quay.io/cockpit/ws
Trying to pull quay.io/cockpit/ws:latest...
Getting image source signatures
Copying blob 6d7b52adcded done |
Copying blob 8782d8db74ff done |
Copying config 9e5e96936a done |
Writing manifest to image destination
3148a73a0957742f1f12b854b4969adb0049051ee8f35da45ea68efabfb95151
# podman container runlabel INSTALL quay.io/cockpit/ws
systemctl enable cockpit.service
+ sed -e /pam_selinux/d -e /pam_sepermit/d /etc/pam.d/cockpit
+ mkdir -p /host/etc/cockpit/ws-certs.d /host/etc/cockpit/machines.d
+ chmod 755 /host/etc/cockpit/ws-certs.d /host/etc/cockpit/machines.d
+ chown root:root /host/etc/cockpit/ws-certs.d /host/etc/cockpit/machines.d
+ mkdir -p /etc/ssh
+ '[' podman = oci -o podman = podman ']'
+ '[' -n quay.io/cockpit/ws:latest ']'
+ '[' '!' -e /host/etc/systemd/system/cockpit.service ']'
+ mkdir -p /host/etc/systemd/system/
+ cat
+ /bin/mount --bind /host/etc/cockpit /etc/cockpit
+ /usr/libexec/cockpit-certificate-ensure
Created symlink '/etc/systemd/system/multi-user.target.wants/cockpit.service' → '/etc/systemd/system/cockpit.service'.
# systemctl cat cockpit.socket
No files found for cockpit.socket.
root@minipure:/var/home/admrugk# ls -la /etc/systemd/system/cockpit*
-rw-r--r--. 1 root root 340 Oct 10 15:28 /etc/systemd/system/cockpit.service
# systemctl status cockpit.socket
Unit cockpit.socket could not be found.
# systemctl cat --full cockpit.service
# /etc/systemd/system/cockpit.service
[Unit]
Description=quay.io/cockpit/ws:latest podman container
[Service]
Type=oneshot
ExecStartPre=-/usr/bin/podman rm -f cockpit-ws
ExecStart=/usr/bin/podman container runlabel --name cockpit-ws RUN quay.io/cockpit/ws:latest
ExecStop=/usr/bin/podman rm -f cockpit-ws
RemainAfterExit=yes
KillMode=none
[Install]
WantedBy=multi-user.target
[…]
# podman logs cockpit-ws
+ sed -e /pam_selinux/d -e /pam_sepermit/d /etc/pam.d/cockpit
+ mkdir -p /host/etc/cockpit/ws-certs.d /host/etc/cockpit/machines.d
+ chmod 755 /host/etc/cockpit/ws-certs.d /host/etc/cockpit/machines.d
+ chown root:root /host/etc/cockpit/ws-certs.d /host/etc/cockpit/machines.d
+ mkdir -p /etc/ssh
+ '[' podman = oci -o podman = podman ']'
+ '[' -n '' ']'
+ /bin/mount --bind /host/etc/cockpit /etc/cockpit
+ /usr/libexec/cockpit-certificate-ensure
'/etc/os-release' -> '/host/etc/os-release'
'/usr/lib/os-release' -> '/host/usr/lib/os-release'
cockpit-ws: Error starting web server: Error binding to address [::]:9090: Address already in use
(the last command just demonstrates why I want to use a differnet port 😉)
The podman container runlabel seems such an unusual way to start a container, so I cannot apply normal docker/podman commands to just change it on the command line, compose file or some Quadlet or whatever. I also found no config file...
So that's why IMHO, if such an unusual thing is the officially recommend way, it should also be documented.
https://cockpit-project.org/guide/latest/listen just only explains how to configure the "socket way". I have no socket, so the explanation does not work for me. I guess It's because this big sentence does not quite apply:
On servers with systemd Cockpit starts on demand via socket activation.
Well… I have systemd of course, just no socket file.
Alternatives
Alternatively one can of course possibly layer it using rpm-ostree install cockpit or so? But you likely had some reason not to recommend that as an installation method for CoreOS?
Which page, if applicable, is this related to?
Unknown/None