Install and configure podman in rootless mode.
GitLab project : yoanncolin/ansible/roles/podman
The Linux base system configured with :
- SSH
- Python (for Ansible)
- Sudo
- Package manager ready to use
The gwerlas.system role can help You :
ansible-galaxy install gwerlas.system- name: My playbook
hosts: all
roles:
- gwerlas.system
- gwerlas.podmanAvailable variables are listed below, along with default values (see defaults/main.yml):
podman_compose_install: false
podman_toolbox_install: false
podman_mimic_docker: false
podman_users:
- "{{ ansible_user_id }}"By default, we let the configuration files of the distribution inchanged.
Except for the Debian 11 containers settings who does not work out of the box.
To use a customized configuration, use podman_*_config settings.
Use the podman_containers_config dictionary to populate the /etc/containers/containers.conf
file following the same structure as the toml described in containers.conf man page.
For example :
podman_containers_config:
containers:
log_driver: journald
engine:
cgroup_manager: cgroupfsWill generate the /etc/containers/containers.conf bellow :
[containers]
log_drivers = "journald"
[engine]
cgroup_manager = "cgroupfs"For Debian 11 only, we overwrite the distribution defaults by the configuration above.
NOTE We do not support the deprecated version 1 format.
Use the podman_registries_config dictionary to populate the /etc/containers/registries.conf
file following the same structure as the toml described in registries.conf man page.
For example :
podman_registries_config:
unqualified-search-registries:
- docker.io
registry:
- location: my-insecure-registry:5000
insecure: trueWill generate the /etc/containers/registries.conf bellow :
unqualified-search-registries = ['docker.io']
[[registry]]
location = my-insecure-registry:5000
insecure = trueUse the podman_storage_config dictionary to populate the /etc/containers/storage.conf
file following the same structure as the toml described in storage.conf man page.
For example :
podman_storage_config:
storage:
driver: zfs
options:
zfs:
mountopt: "nodev"Will generate the /etc/containers/storage.conf bellow :
[storage]
driver = "zfs"
[storage.options.zfs]
mountopt = "nodev"Use the podman_libpod_config dictionary to populate the /etc/containers/libpod.conf
file following the same structure as the toml described in libpod.conf man page.
For example :
podman_libpod_config:
cgroup_manager: cgroupfsWill generate the /etc/containers/libpod.conf bellow :
cgroup_manager = "cgroupfs"For Debian 11 only, we overwrite the distribution defaults by the configuration above.
The podman_compose_install set to true will install podman-compose if it is available
for the distribution of the targetted host.
The podman_toolbox_install set to true will install podman-toolbox if it is available
for the distribution of the targetted host.
You can mimic Docker throw the podman_mimic_docker parameter set to true. If the package
podman-docker is available for the target Linux distribution, il will be installed, in the
other cases a symlink will be created.
So the scripts calling docker will transparently use podman instead, or almost.
If the installed version of Podman is 3.0 or upper, the service will be enabled for each
podman_users and the environment variables DOCKER_BUILDKIT and DOCKER_HOST will be
respectively set to 0 and $XDG_RUNTIME_DIR/podman/podman.sock.
So you will be able to run Docker in Podman.
None.
An exemple of the way to be the more compatible with Docker as You can :
---
- name: Docker compatible
hosts: all
roles:
- name: gwerlas.system
- name: gwerlas.podman
vars:
podman_mimic_docker: true
podman_registries_config:
unqualified-search-registries:
- docker.ioAfter the podman installation, the podman_current_version fact is set to permit
some checks, and to adapt the code for the target node.
BSD
An optional section for the role authors to include contact information, or a website (HTML is not allowed).