Podman
Latest revision as of 19:47, 24 August 2024
Installation
Podman can be installed via the podman package in the community repository.
# apk add podman
Running as root
To run podman you'll need to enable the cgroups service; consider enabling cgroups v2.
# rc-update add cgroups
# rc-service cgroups start
You might need to restart your machine for this to work properly.
If you are running on top of Btrfs, consider setting the storage driver to btrfs:
$ cat /etc/containers/storage.conf
driver = "btrfs"
If you're running inside a container, change the storage driver to vfs.
Running in rootless mode
For rootless support (replace <USER> with your username):
# modprobe tun
# echo tun >>/etc/modules
# echo <USER>:100000:65536 >/etc/subuid
# echo <USER>:100000:65536 >/etc/subgid
Run an example container to verify everything works:
$ podman run --rm hello-world
Containers on Linux might require filesystems to be mounted with a different propagation than the kernel default of 'private'. If you see a warning:
- WARN[0000] "/" is not a shared mount, this could cause issues or missing mounts with rootless containers
you might want to fix this temporarily, for the currently running system:
# mount --make-rshared /
and try the command that caused the warning again.
Alternatively, you could use the following command:
# findmnt -o PROPAGATION /
which should print:
PROPAGATION
shared
For a permanent fix (once OpenRC PR#526, https://github.com/OpenRC/openrc/pull/526, is released in a version newer than 0.54.2-r1), edit /etc/fstab:
# $EDITOR /etc/fstab
Add the shared option to the root partition:
/dev/sda2 / ext4 rw,relatime,shared 0 1
After a reboot, test it the same way as above.
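As an added example (not part of the original wiki page), the script below audits the rootless prerequisites described above without changing the system: it reads the propagation of / from a mountinfo-format file and checks for a 65536-id range in subuid/subgid-format files. The function names, the user alice and the sample data are constructed for illustration.

```shell
# Print the propagation of MOUNTPOINT as recorded in a mountinfo-format FILE.
# Optional fields sit between field 6 and the "-" separator; none means private.
propagation_of() {  # usage: propagation_of FILE MOUNTPOINT
    awk -v mp="$2" '
        $5 == mp {
            p = ""
            for (i = 7; i <= NF && $i != "-"; i++) {
                if ($i ~ /^shared:/)         p = p (p ? "," : "") "shared"
                else if ($i ~ /^master:/)    p = p (p ? "," : "") "slave"
                else if ($i == "unbindable") p = "unbindable"
            }
            last = (p == "" ? "private" : p); found = 1   # last match = topmost mount
        }
        END { if (!found) exit 1; print last }' "$1"
}

# Succeed if USER has a range of at least MIN ids in a subuid/subgid-format FILE.
has_subid_range() {  # usage: has_subid_range FILE USER MIN
    awk -F: -v u="$2" -v min="$3" '
        $1 == u && $3 + 0 >= min + 0 { ok = 1 }
        END { exit !ok }' "$1"
}

# Report every problem found; return non-zero if any check fails.
check_rootless() {  # usage: check_rootless MOUNTINFO SUBUID SUBGID USER
    rc=0
    prop=$(propagation_of "$1" /) || prop=unknown
    case "$prop" in
        shared*) echo "ok: / propagation is $prop" ;;
        *) echo "FAIL: / propagation is $prop, expected shared"; rc=1 ;;
    esac
    for f in "$2" "$3"; do
        if has_subid_range "$f" "$4" 65536; then echo "ok: $4 has a range in $f"
        else echo "FAIL: no range of 65536 ids for $4 in $f"; rc=1; fi
    done
    return $rc
}

# Constructed sample data (not from a real host): private root, user "alice".
tmp=$(mktemp -d)
printf '%s\n' '21 1 8:2 / / rw,relatime - ext4 /dev/sda2 rw' >"$tmp/mountinfo"
printf '%s\n' 'alice:100000:65536' >"$tmp/subuid"
cp "$tmp/subuid" "$tmp/subgid"
check_rootless "$tmp/mountinfo" "$tmp/subuid" "$tmp/subgid" alice || echo "fix the items above"
```

On a real host, call check_rootless with /proc/self/mountinfo, /etc/subuid, /etc/subgid and your username.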
Docker compose
Podman provides a drop-in replacement for docker compose. The podman-compose package provides this.
Each time docker compose is used, a warning reminds you that it is using podman under the hood. This warning can be squelched permanently by running:
# touch /etc/containers/nodocker