Running x86_64 containers on Podman on ARM (M1) Macs
Certain images, such as IBM MQ, have compatibility problems running under the aarch64 podman VM. There is an IBM Ideas post which you can vote on to encourage the development of native aarch64 images for MQ. Until then, the instructions below detail how to get them running on M1 ARM-based Macs.
To experience the problematic behaviour, run podman run --rm --env LICENSE=accept --env MQ_QMGR_NAME=QM1 icr.io/ibm-messaging/mq:latest before starting this guide and you will see MQ crash with this line: Error 71 creating queue manager: AMQ8101S: IBM MQ error (893) has occurred
The process involves creating an x86_64 based VM for podman to run its images on instead of the aarch64 one it uses by default. You will be able to switch between them, allowing you to use the aarch64 VM when performance matters, and the x86_64 VM when you encounter compatibility issues.
Instructions
These instructions were written with podman version 4.1.1 installed on MacOS 12.5
If you currently have a podman vm running, stop it with
podman machine stop
Install QEMU 6.2.0_1 alongside QEMU 7.0.0_1 Run these commands in a folder you are happy to download into
# Download qemu 6.2.0_1
curl -L -H "Authorization: Bearer QQ==" -o qemu-6.2.0_1.monterey.bottle.tar.gz https://ghcr.io/v2/homebrew/core/qemu/blobs/sha256:fcc3b1a8139f70dae57f5449f3856f9b3b67448ee0623e64da1e47dc255b46f6
# Install brew switch
brew tap laggardkernel/tap
# Disconnect the currently install qemu
brew unlink qemu
# Install qemu 6.2.0_1 from the downloaded file
brew install -f qemu-6.2.0_1.monterey.bottle.tar.gz
Running qemu-system-x86_64 --version should now show QEMU emulator version 6.2.0. To get back to QEMU 7, run brew switch qemu 7.0.0_1. To get back to QEMU 6 for x86_64, run brew switch qemu 6.2.0_1. If you have a different version than 7.0.0_1 installed, list your installed versions with brew list qemu --versions and adjust your commands as necessary.
Create a podman machine using the x86_64 image of Fedora CoreOS. You can get an up to date version of the image from here (Fedora CoreOS) or use the version in the command below. Copy the link from the download button for QEMU (qcow2.xz)
podman machine init --image-path https://builds.coreos.fedoraproject.org/prod/streams/stable/builds/36.20220703.3.1/x86_64/fedora-coreos-36.20220703.3.1-qemu.x86_64.qcow2.xz intel
Don't start your VM yet, it won't work!
Now we will have a podman VM called intel which is set to use the x86_64 image.
We now need to configure the machine JSON file as podman assumes we're running the aarch64 image rather than the x86_64 image.
Navigate to ~/.config/containers/podman/machine/qemu. We need to open the file called intel.json in an editor to change the QEMU command line options. Before making any changes it is recommended to backup this file before editing.
Changes to make:
- Change the qemu line near the top, this makes podman launch the correct QEMU for our image
/opt/homebrew/bin/qemu-system-aarch64
to
/opt/homebrew/bin/qemu-system-x86_64
- Remove the following lines, these properties aren't valid with
qemu-system-x86_64 v6.2.0_1. If you see something different after -cpu instead of host, such as cortex-a57 remove that line:
"-accel",
"hvf",
"-accel",
"tcg",
"-cpu",
"host",
"-M",
"virt,highmem=on",
"-drive",
"file=/Users/<username>/.local/share/containers/podman/machine/qemu/intel_ovmf_vars.fd,if=pflash,format=raw"
- Change the line
file=/opt/homebrew/share/qemu/edk2-aarch64-code.fd,if=pflash,format=raw,readonly=on
to
file=/opt/homebrew/share/qemu/edk2-x86_64-code.fd,if=pflash,format=raw,readonly=on
The podman configuration file is now correctly setup to launch the VM.
Switch the default podman machine to the new x86_64 one with
podman system connection default intel
You can reverse this to go back to the normal podman VM with the command
podman system connection default podman-machine-default
To start your new x86_64 vm, make sure you're on QEMU v6.2.0_1 with
brew switch qemu 6.2.0_1
and then:
podman machine start intel
Starting the VM takes a few minutes as it's emulating x86_64 rather than running natively, use the podman-machine-default aarch64 vm if you're not having compatibility problems with your containers.
Running podman run --rm --env LICENSE=accept --env MQ_QMGR_NAME=QM1 icr.io/ibm-messaging/mq:latest now will not produce the same error and the container will start and run successfully.
To return to the default aarch64 podman vm run:
podman machine stop intel
brew switch qemu 7.0.0_1
podman system connection default podman-machine-default
podman machine start podman-machine-default