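#!/usr/bin/env bash
#
# Install Podman and its companion tools from the distribution's apt
# repositories. The second half of the file keeps, commented out, an older
# recipe for building Podman from source.
#
# Reference:
# https://github.com/containers/libpod/blob/master/docs/tutorials/podman_tutorial.md
#
# Buildah and Podman are Red Hat's implementation of Docker-style containers.
#
# Main configuration files:
#   /etc/containers/registries.conf - specifies which container registries
#       are consulted when completing image names that do not include a
#       registry or domain portion.
#       NOTE(review): an unqualified image name may resolve against any
#       registry listed there, so prefer fully qualified image references
#       (registry/namespace/name) where provenance matters.
#   /etc/containers/mounts.conf - volume mount directories that are
#       automatically mounted inside containers when executing the
#       `podman run` or `podman build` commands.
#   /etc/containerd/config.toml - configuration file for containerd.
#
# Packages installed below:
#   podman          tool to manage containers and pods
#   podman-compose  run docker-compose.yml using podman
#   podman-remote   tool to manage containers and pods (remote CLI)
#   podman-toolbox  unprivileged development environment using containers
#   aardvark-dns    container-focused DNS server
#
# Deliberately not installed: podman-docker conflicts with docker-ce and
# results in its removal.
#   podman-docker   tool to manage containers and pods (Docker CLI)
#
# Recommends (pulled in by apt's default "install recommends" behaviour):
#   buildah                      CLI tool to facilitate building OCI images
#   tini                         tiny but valid init for containers
#   catatonit                    init process for containers
#   dumb-init                    wrapper script which proxies signals to a child
#   containers-storage           CLI tools for handling how containers are
#                                stored on disk
#   dbus-user-session
#   passt                        user-mode networking daemons for virtual
#                                machines and namespaces
#   criu                         checkpoint and restore in userspace
#   libcriu2                     checkpoint and restore in userspace (library)
#   slirp4netns                  user-mode networking for unprivileged network
#                                namespaces
#   containernetworking-plugins  standard networking plugins - binaries

# Stop at the first failing step so that a failed index refresh is not
# followed by an install from stale package lists.
set -euo pipefail

# Update system.
# apt-get is used instead of apt because apt warns that its command-line
# interface is not stable for use in scripts.
sudo apt-get -y -qq update

# -y added: without it the install stops at a confirmation prompt when the
# script runs unattended (the update step above already passed -y).
sudo apt-get -y install \
  podman \
  podman-compose \
  podman-remote \
  podman-toolbox \
  aardvark-dns

# Shared mount
#
#   WARN[0000] "/" is not a shared mount, this could cause issues or missing
#   mounts with rootless containers
#
# Containers on linux might require filesystems to be mounted with different
# propagation than the kernel default of 'private'.
#
#   $ findmnt -o PROPAGATION /
#
# will produce the following output:
#
#   PROPAGATION
#   private

# NOTE(review): the body of this function did not survive extraction of the
# page. Only `cat <` and the path /etc/containers/storage.conf remain, so an
# inline here-document and the function's closing brace appear to have been
# lost. As written here it merely prints the existing storage.conf, and the
# closing brace was added to keep the file parseable. Nothing visible calls
# this function. Restore the original body from the upstream script before
# relying on it.
conf_print_shared_root() {
  cat < /etc/containers/storage.conf
}

# ---------------------------------------------------------------------------
# Legacy: build Podman from source (kept commented out).
#
# NOTE(review): every step below builds or downloads content that ends up
# installed as root. Before re-enabling any of it:
#   - clone over https (the original used plain http, which gives no
#     transport integrity for code that is then run through
#     `sudo make install`) and check out a reviewed tag or commit rather
#     than the default branch;
#   - the curl downloads fetch from mutable `master` branches; policy.json
#     in particular controls which image sources and signatures Podman
#     trusts, so download it to a temporary file, review it, and only then
#     install it;
#   - pass `--fail` to curl so that an HTTP error page is not written out
#     as a configuration file, and avoid running curl itself under sudo.
# ---------------------------------------------------------------------------

# Install pre-requisites
# sudo apt -y install \
#   gcc \
#   make \
#   cmake \
#   git \
#   btrfs-progs \
#   golang-go \
#   go-md2man \
#   iptables \
#   libassuan-dev \
#   libc6-dev \
#   libdevmapper-dev \
#   libglib2.0-dev \
#   libgpgme-dev \
#   libgpg-error-dev \
#   libostree-dev \
#   libprotobuf-dev \
#   libprotobuf-c-dev \
#   libseccomp-dev \
#   libselinux1-dev \
#   libsystemd-dev \
#   pkg-config \
#   runc \
#   uidmap \
#   libapparmor-dev

# Install conmon
# git clone https://github.com/containers/conmon
# cd conmon
# make
# sudo make podman
# sudo cp /usr/local/libexec/podman/conmon /usr/local/bin/

# Install CNI plugins
# git clone https://github.com/containernetworking/plugins.git "$GOPATH/src/github.com/containernetworking/plugins"
# cd "$GOPATH/src/github.com/containernetworking/plugins"
# ./build_linux.sh
# sudo mkdir -p /usr/libexec/cni
# sudo cp bin/* /usr/libexec/cni

# Setup CNI networking
# NOTE(review): the command below downloads 87-podman-bridge.conflist but
# saves it as 99-loopback.conf. The file name and extension do not match the
# content (a .conflist is a plugin list, a .conf is a single plugin config),
# so confirm the intended target name.
# sudo mkdir -p /etc/cni/net.d
# curl -qsSL https://raw.githubusercontent.com/containers/libpod/master/cni/87-podman-bridge.conflist | sudo tee /etc/cni/net.d/99-loopback.conf

# Populate configuration files
# sudo mkdir -p /etc/containers
# sudo curl https://raw.githubusercontent.com/projectatomic/registries/master/registries.fedora -o /etc/containers/registries.conf
# sudo curl https://raw.githubusercontent.com/containers/skopeo/master/default-policy.json -o /etc/containers/policy.json

# Install Podman
# git clone https://github.com/containers/libpod/ "$GOPATH/src/github.com/containers/libpod"
# cd "$GOPATH/src/github.com/containers/libpod"
# make
# sudo make install

# podman version
# podman info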