My proof-of-concept Container as a Service (CAS or CaaS) is now up and running. If anyone wants to have a play? 🤔 There’s still heaps to do, lots of “features” missing, but you can run stuff at least 😅

ssh -p 2222 cas.run help

@prologic@twtxt.net

# ssh -p 2222 cas.run help                                                                                                                                                
The authenticity of host '[cas.run]:2222 ([139.180.180.214]:2222)' can't be established.
RSA key fingerprint is SHA256:i5txciMMbXu2fbB4w/vnElNSpasFcPP9fBp52+Avdbg.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[cas.run]:2222' (RSA) to the list of known hosts.
abucci@cas.run: Permission denied (publickey).

@prologic@twtxt.net I do, but you didn’t specify in your twt that you needed to use a github account. I copy pasted the ssh command you posted verbatim!

@prologic@twtxt.net so what is the command to use? I did ssh -p 2222 GITHUB_USERNAME@cas.run help but that gives the same error. There’s something missing here.

@prologic@twtxt.net aha, thank you, that got me unjammed.

Turns out I thought I had an SSH key set up in github, but github didn’t agree with me. So, I re-added the key.

I also had to modify the command slightly to:

ssh -p 2222 -i PRIVATE_GITHUB_KEY GITHUB_USERNAME@cas.run help

since I generate app-specific keypairs and need to specify that for ssh and I haven’t configured it to magically choose the key so I have to specify it in the command line.

Anyhow, that did it. Thanks!

@prologic@twtxt.net hmm, now I get this:

$ ssh -p 2222 -i PRIVATE_GITHUB_KEY GITHUB_USERNAME@cas.run add | sh
sh: 135: docker: not found

The quickstart says:

## Quick Start

  ssh -p 2222 cas.run add | sh

so that’s why I tried this command (I had to modify it with my key and username like before)

Edit: 🤦‍♂ and that’s becasue I don’t have docker on this machine. Sorry about that, false alarm.

@prologic@twtxt.net @jmjl@tilde.green
It looks like there’s a podman issue for adding the context subcommand that docker has. Currently podman does not have this subcommand, although this comment has a translation to podman commands that are similar-ish.

It looks like that’s all you need to do to support podman right now! Though I’m not 100% sure the containers I tried really are running remotely. Details below.

I manually edited the shell script that cas.run add returns, changing all the docker commands to podman commands. Specifically, I put alias docker=podman at the top so the check for docker would pass, and then I replaced the last two lines of the script with these:

podman system connection add cas  "host=tcp://cas.run..."
podman system connection default cas

(that … after cas.run is a bunch of connection-specific stuff)

I ran the script and it exited with no output. It did create a connection named “cas”, and made that the default. I’m not super steeped in how podman works but I believe that’s what you need to do to get podman to run containers remotely.

I ran some containers using podman and I think they are running remotely but I don’t know the right juju to verify. It looks right though!

This means you could probably make minor modifications to the generated shell script to support podman. Maybe when the check for docker fails, check for podman, and then later in the script use the podman equivalents to the docker context commands.

@prologic@twtxt.net I had a feeling my container was not running remotely. It was too crisp.

podman is definitely capable of it. I’ve never used those features though so I’d have to play around with it awhile to understand how it works and then maybe I’d have a better idea of whether it’s possible to get it to work with cas.run.

There’s a podman-specific way of allowing remote container execution that wouldn’t be too hard to support alongside docker if you wanted to go that route. Personally I don’t use docker–too fat, too corporate. podman is lightweight and does virtually everything I’d want to use docker to do.

@prologic@twtxt.net I don’t get your objection. dockerd is 96M and has to run all the time. You can’t use docker without it running, so you have to count both. docker + dockerd is 131M, which is over 3x the size of podman. Plus you have this daemon running all the time, which eats system resources podman doesn’t use, and docker fucks with your network configuration right on install, which podman doesn’t do unless you tell it to.

That’s way fat as far as I’m concerned.

As far as corporate goes, podman is free and open source software, the end. docker is a company with a pricing model. It was founded as a startup, which suggests to me that, like almost all startups, they are seeking an exit and if they ever face troubles in generating that exit they’ll throw out all niceties and abuse their users (see Reddit, the drama with spyware in Audacity, 10,000 other examples). Sure you can use it free for many purposes, and the container bits are open source, but that doesn’t change that it’s always been a corporate entity, that they can change their policies at any time, that they can spy on you if they want, etc etc etc.

That’s way too corporate as far as I’m concerned.

I mean, all of this might not matter to you, and that’s fine! Nothing wrong with that. But you can’t have an alternate reality–these things I said are just facts. You can find them on Wikipedia or docker.com for that matter.

@prologic@twtxt.net My understanding is that podman can talk to the Docker Engine API. It’s just that the commands sometimes have different names in the podmanverse. I think–never used those features.

@prologic@twtxt.net I don’t understand what you’re saying. podman works with TLS. It does not have the “–docker” siwtch so you have to remove that and use the exact replacement commands that were in that github comment.