diff options
| author | alex <alex@pdp7.net> | 2023-04-01 16:07:54 +0200 |
|---|---|---|
| committer | Alex Corcoles <alex@corcoles.net> | 2023-04-01 16:09:17 +0200 |
| commit | 3b2dfba62d970e4612a5e90051f6cb5d1aa1824e (patch) | |
| tree | 59fc470662c6314aec673a76c6116f7dc7a37c0a /personal_infra/podman.md | |
| parent | 658d091dbd37826180466c1ad9ef6923f52b7b7b (diff) | |
Document Podman
Diffstat (limited to 'personal_infra/podman.md')
| -rw-r--r-- | personal_infra/podman.md | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/personal_infra/podman.md b/personal_infra/podman.md new file mode 100644 index 00000000..703b6edf --- /dev/null +++ b/personal_infra/podman.md @@ -0,0 +1,26 @@ +# Podman + +You can create LXC containers in Proxmox (using ZFS) that can run rootless Podman. + +The [`proxmox_create_lxc`](playbooks/roles/proxmox_create_lxc/) role can create the LXC container with the necessary options with the following configuration: + +``` +proxmox: +... + privileged: true + features: fuse=1,nesting=1 + extra: + - "lxc.mount.entry: /dev/net/tun dev/net/tun none bind,create=file" + - "lxc.cgroup2.devices.allow: c 10:200 rwm" +``` + +The [`podman`](puppet/modules/podman/) Puppet module can add the necessary configuration: + +``` +class {'podman': + user => 'your_username', + storage_driver => 'zfs', +} +``` + +This module configures subuids/subgids, but until you reboot, you will get some warnings using Podman. |