| author | alex <alex@pdp7.net> | 2023-04-01 16:07:54 +0200 |
|---|---|---|
| committer | Alex Corcoles <alex@corcoles.net> | 2023-04-01 16:09:17 +0200 |
| commit | 3b2dfba62d970e4612a5e90051f6cb5d1aa1824e (patch) | |
| tree | 59fc470662c6314aec673a76c6116f7dc7a37c0a /personal_infra | |
| parent | 658d091dbd37826180466c1ad9ef6923f52b7b7b (diff) | |
Document Podman
Diffstat (limited to 'personal_infra')
| -rw-r--r-- | personal_infra/README.md | 4 | ||||
| -rw-r--r-- | personal_infra/podman.md | 26 |
2 files changed, 30 insertions, 0 deletions
diff --git a/personal_infra/README.md b/personal_infra/README.md index 522786e9..a3249853 100644 --- a/personal_infra/README.md +++ b/personal_infra/README.md @@ -50,3 +50,7 @@ For the moment, I'm managing the following distros using this setup. I perform catalog compilation on my laptop running EL9. Although [support across Puppet 5.5-7 is not documented](https://www.puppet.com/docs/puppet/7/platform_lifecycle.html#primary-agent-compatibility), catalogs still seem to be compatible. + +## Misc + +* [Podman](podman.md) diff --git a/personal_infra/podman.md b/personal_infra/podman.md new file mode 100644 index 00000000..703b6edf --- /dev/null +++ b/personal_infra/podman.md @@ -0,0 +1,26 @@ +# Podman + +You can create LXC containers in Proxmox (using ZFS) that can run rootless Podman. + +The [`proxmox_create_lxc`](playbooks/roles/proxmox_create_lxc/) role can create the LXC container with the necessary options with the following configuration: + +``` +proxmox: +... + privileged: true + features: fuse=1,nesting=1 + extra: + - "lxc.mount.entry: /dev/net/tun dev/net/tun none bind,create=file" + - "lxc.cgroup2.devices.allow: c 10:200 rwm" +``` + +The [`podman`](puppet/modules/podman/) Puppet module can add the necessary configuration: + +``` +class {'podman': + user => 'your_username', + storage_driver => 'zfs', +} +``` + +This module configures subuids/subgids, but until you reboot, you will get some warnings using Podman. |
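Review bot: In the README.md hunk, the new `* [Podman](podman.md)` entry under `## Misc` does not say what the linked page covers. The page is specifically about running rootless Podman inside Proxmox LXC containers on ZFS, so a link text along the lines of "Rootless Podman in Proxmox LXC containers" would let readers of the README find it without opening the file.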
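Review bot: In the `proxmox:` example in podman.md, `privileged: true` is documented without any explanation of why rootless Podman needs a privileged LXC container or what that costs. In a privileged container, root is not remapped to an unprivileged host UID, and the example combines this with `nesting=1`, so the page should state whether this was required (for example by the ZFS storage driver) or whether an unprivileged container was tried, so readers do not copy the setting blindly. It would also help to add one line saying that the two `extra` entries exist to expose `/dev/net/tun` (`c 10:200` is that device) and what Podman uses it for. Smaller points in the same file: the two code fences have no language tag although they contain YAML and Puppet, and the closing sentence "until you reboot, you will get some warnings" should name the warnings so readers can recognise them.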
