Skip to content

Commit

Permalink
Upgrade podman to version 2.1.1 and remove varlink
Browse files Browse the repository at this point in the history
Add the podman group, to remove "sudo varlink bridge"

Use the podman socket /run/podman/podman.sock instead
  • Loading branch information
afbjorklund committed Nov 8, 2020
1 parent 18b0c00 commit e8791aa
Showing 1 changed file with 14 additions and 6 deletions.
20 changes: 14 additions & 6 deletions deploy/kicbase/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -110,7 +110,7 @@ RUN sh -c "echo 'deb https://download.docker.com/linux/ubuntu focal stable' > /e
RUN sh -c "echo 'deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_20.04/ /' > /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list" && \
curl -LO https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/xUbuntu_20.04/Release.key && \
apt-key add - < Release.key && \
clean-install containers-common catatonit conmon containernetworking-plugins cri-tools podman-plugins varlink
clean-install containers-common catatonit conmon containernetworking-plugins cri-tools podman-plugins

# install cri-o based on https://github.com/cri-o/cri-o/commit/96b0c34b31a9fc181e46d7d8e34fb8ee6c4dc4e1#diff-04c6e90faac2675aa89e2176d2eec7d8R128
RUN sh -c "echo 'deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/1.18:/1.18.3/xUbuntu_20.04/ /' > /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list" && \
Expand All @@ -119,10 +119,17 @@ RUN sh -c "echo 'deb http://download.opensuse.org/repositories/devel:/kubic:/lib
clean-install cri-o=1.18.3~3

# install podman
RUN sh -c "echo 'deb https://dl.bintray.com/afbjorklund/podman focal main' > /etc/apt/sources.list.d/podman.list" && \
curl -L https://bintray.com/user/downloadSubjectPublicKey?username=afbjorklund -o afbjorklund-public.key.asc && \
apt-key add - < afbjorklund-public.key.asc && \
clean-install podman=1.9.3~1
RUN sh -c "echo 'deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_20.04/ /' > /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list" && \
curl -LO https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/xUbuntu_20.04/Release.key && \
apt-key add - < Release.key && \
clean-install podman && \
addgroup --system podman && \
mkdir -p /etc/systemd/system/podman.socket.d && \
printf "[Socket]\nSocketMode=0660\nSocketUser=root\nSocketGroup=podman\n" \
> /etc/systemd/system/podman.socket.d/override.conf && \
mkdir -p /etc/tmpfiles.d && \
echo "d /run/podman 0770 root podman" > /etc/tmpfiles.d/podman.conf && \
systemd-tmpfiles --create

RUN mkdir -p /usr/lib/cri-o-runc/sbin && cp /usr/bin/runc /usr/lib/cri-o-runc/sbin/runc

Expand All @@ -135,7 +142,7 @@ RUN ln -fs /usr/lib/systemd/system/minikube-automount.service \
# disable non-docker runtimes by default
RUN systemctl disable containerd && systemctl disable crio && rm /etc/crictl.yaml
# enable docker which is default
RUN systemctl enable docker
RUN systemctl enable docker.service && systemctl enable podman.socket
# making SSH work for docker container
# based on https://github.com/rastasheep/ubuntu-sshd/blob/master/18.04/Dockerfile
RUN mkdir /var/run/sshd
Expand All @@ -150,6 +157,7 @@ EXPOSE 22
# create docker user for minikube ssh. to match VM using "docker" as username
RUN adduser --ingroup docker --disabled-password --gecos '' docker
RUN adduser docker sudo
RUN adduser docker podman
RUN echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
USER docker
RUN mkdir /home/docker/.ssh
Expand Down

0 comments on commit e8791aa

Please sign in to comment.