Podman

2024-08-08T09:36:19Z

Pbabinca: don't use doas and use # to show that shell prompt is running as root

== Installation ==

Podman can be installed via {{Pkg|podman}} package in the community repository.

{{Cmd|# apk add podman}}

=== Running as root ===

To run podman you'll need to enable the <code>cgroups</code> service, consider enabling [[OpenRC#cgroups v2|cgroups v2]].

{{Cmd|# rc-update add cgroups}}
{{Cmd|# rc-service cgroups start}}

You might need to restart your machine for this to work properly.

If you are running on top of [[Btrfs]], consider setting storage driver to <code>btrfs</code>:

{{Cmd|$ cat /etc/containers/storage.conf | grep 'driver ='}}

driver = "btrfs"

=== Running in rootless mode ===

For rootless support (replace <USER> with your username):

{{Cmd|# modprobe tun
# echo tun >>/etc/modules
# echo <USER>:100000:65536 >/etc/subuid
# echo <USER>:100000:65536 >/etc/subgid}}

Run an example container to verify everything works:

{{Cmd|$ podman run --rm hello-world}}

==== Shared mount ====

Containers on linux might require filesystems to be mounted with different propagation than the kernel default of 'private'. If you see a warning:

: WARN[0000] "/" is not a shared mount, this could cause issues or missing mounts with rootless containers

you might want to fix this temporarily, for currently running system:

{{Cmd|# mount --make-rshared /}}

and try the command that caused the warning again.

Alternatively, you could use following command:

{{Cmd|# findmnt -o PROPAGATION /}}

which should print:

PROPAGATION
shared

For a permanent fix (after a [https://github.com/OpenRC/openrc/pull/526 OpenRC PR#526] is released - in newer version than 0.54.2-r1), edit {{path|/etc/fstab}}:

{{cmd|# $EDITOR /etc/fstab}}

Add <code>shared</code> option to the root partition:

/dev/sda2 / ext4 rw,relatime,shared 0 1

and after a reboot test it out similarly as above.

=== Docker compose ===

Podman provides a drop-in replacement for docker compose. The {{Pkg|podman-compose}} package provides this.

Each time that docker compose is used, a warning will remind that this is using podman under the hood. This warning can be squelched permanently by running:

{{cmd|# touch /etc/containers/nodocker}}

[[Category:Virtualization]]

Podman

2024-08-08T09:31:09Z

Pbabinca: Shared mount

== Installation ==

Podman can be installed via {{Pkg|podman}} package in the community repository.

{{Cmd|# apk add podman}}

=== Running as root ===

To run podman you'll need to enable the <code>cgroups</code> service, consider enabling [[OpenRC#cgroups v2|cgroups v2]].

{{Cmd|# rc-update add cgroups}}
{{Cmd|# rc-service cgroups start}}

You might need to restart your machine for this to work properly.

If you are running on top of [[Btrfs]], consider setting storage driver to <code>btrfs</code>:

{{Cmd|$ cat /etc/containers/storage.conf | grep 'driver ='}}

driver = "btrfs"

=== Running in rootless mode ===

For rootless support (replace <USER> with your username):

{{Cmd|# modprobe tun
# echo tun >>/etc/modules
# echo <USER>:100000:65536 >/etc/subuid
# echo <USER>:100000:65536 >/etc/subgid}}

Run an example container to verify everything works:

{{Cmd|$ podman run --rm hello-world}}

==== Shared mount ====

Containers on linux might require filesystems to be mounted with different propagation than the kernel default of 'private'. If you see a warning:

: WARN[0000] "/" is not a shared mount, this could cause issues or missing mounts with rootless containers

you might want to fix this temporarily, for currently running system:

{{Cmd|doas mount --make-rshared /}}

and try the command that caused the warning again.

Alternatively, you could use following command:

{{Cmd|doas findmnt -o PROPAGATION /}}

which should print:

PROPAGATION
shared

For a permanent fix (after a [https://github.com/OpenRC/openrc/pull/526 OpenRC PR#526] is released - in newer version than 0.54.2-r1), edit {{path|/etc/fstab}}:

{{cmd|doas $EDITOR /etc/fstab}}

Add <code>shared</code> option to the root partition:

/dev/sda2 / ext4 rw,relatime,shared 0 1

and after a reboot test it out similarly as above.

=== Docker compose ===

Podman provides a drop-in replacement for docker compose. The {{Pkg|podman-compose}} package provides this.

Each time that docker compose is used, a warning will remind that this is using podman under the hood. This warning can be squelched permanently by running:

touch /etc/containers/nodocker

[[Category:Virtualization]]

Alpine Linux - User contributions [en]

Podman

Podman