Update installation instructions

Signed-off-by: h-vetinari <h.vetinari@gmx.com>
Axel Obermeier 2019-05-06 07:44:45 +02:00
parent 0a5f6236f1
commit fe2d074608
2 changed files with 141 additions and 172 deletions


@ -8,114 +8,9 @@ commands with Podman.
**NOTE**: the code samples are intended to be run as a non-root user, and use `sudo` where
root escalation is required.
## Install Podman on Fedora from RPM Repositories
Fedora 27 and later provide Podman via the package manager.
```console
sudo dnf install -y podman
```
## Installing Podman
*Optional*: If you've already installed podman on Fedora and you're feeling
adventerous, you can test the very latest podman in Fedora's `updates-testing`
repository before it goes out to all Fedora users.
```console
sudo yum distro-sync --enablerepo=updates-testing podman
```
If you use a newer podman package from Fedora's `updates-testing`, we would
appreciate your `+1` feedback in [Bodhi, Fedora's update management
system](https://bodhi.fedoraproject.org/updates/?packages=podman).
## Install Podman on Fedora from Source
Many of the basic components to run Podman are readily available from the Fedora RPM repositories.
In this section, we will help you install all the runtime and build dependencies for Podman,
acquire the source, and build it.
### Installing build and runtime dependencies
```console
sudo dnf install -y git runc libassuan-devel golang golang-github-cpuguy83-go-md2man glibc-static \
gpgme-devel glib2-devel device-mapper-devel libseccomp-devel \
atomic-registries iptables containers-common containernetworking-cni \
conmon ostree-devel
```
### Building and installing podman
First, configure a `GOPATH` (if you are using go1.8 or later, this defaults to `~/go`), then clone
and make libpod.
```console
export GOPATH=~/go
mkdir -p $GOPATH
git clone https://github.com/containers/libpod/ $GOPATH/src/github.com/containers/libpod
cd $GOPATH/src/github.com/containers/libpod
make
sudo make install PREFIX=/usr
```
You now have a working podman environment. Jump to [Familiarizing yourself with Podman](#familiarizing-yourself-with-podman)
to begin using Podman.
## Install podman on Ubuntu
The default Ubuntu cloud image size will not allow for the following exercise to be done without increasing its
capacity. Be sure to add at least 5GB to the image. Instructions to do this are outside the scope of this
tutorial. For this tutorial, the Ubuntu **artful-server-cloudimg** image was used.
### Installing build and runtime dependencies
#### Installing base packages
```console
sudo apt-get update
sudo apt-get install libdevmapper-dev libglib2.0-dev libgpgme11-dev golang libseccomp-dev libostree-dev \
go-md2man libprotobuf-dev libprotobuf-c0-dev libseccomp-dev python3-setuptools
```
#### Building and installing conmon
First, configure a `GOPATH` (if you are using go1.8 or later, this defaults to `~/go`), then clone
and make libpod.
```console
export GOPATH=~/go
mkdir -p $GOPATH
git clone https://github.com/kubernetes-sigs/cri-o $GOPATH/src/github.com/kubernetes-sigs/cri-o
cd $GOPATH/src/github.com/kubernetes-sigs/cri-o
mkdir bin
make bin/conmon
sudo install -D -m 755 bin/conmon /usr/libexec/podman/conmon
```
#### Adding required configuration files
```console
sudo mkdir -p /etc/containers
sudo curl https://raw.githubusercontent.com/projectatomic/registries/master/registries.fedora -o /etc/containers/registries.conf
sudo curl https://raw.githubusercontent.com/containers/skopeo/master/default-policy.json -o /etc/containers/policy.json
```
#### Installing CNI plugins
```console
git clone https://github.com/containernetworking/plugins.git $GOPATH/src/github.com/containernetworking/plugins
cd $GOPATH/src/github.com/containernetworking/plugins
./build_linux.sh
sudo mkdir -p /usr/libexec/cni
sudo cp bin/* /usr/libexec/cni
```
#### Installing CNI config
Add a most basic network config
```console
mkdir -p /etc/cni/net.d
curl -qsSL https://raw.githubusercontent.com/containers/libpod/master/cni/87-podman-bridge.conflist | sudo tee /etc/cni/net.d/99-loopback.conf
```
#### Installing runc
```console
git clone https://github.com/opencontainers/runc.git $GOPATH/src/github.com/opencontainers/runc
cd $GOPATH/src/github.com/opencontainers/runc
make BUILDTAGS="seccomp"
sudo cp runc /usr/bin/runc
```
### Building and installing Podman
```console
git clone https://github.com/containers/libpod/ $GOPATH/src/github.com/containers/libpod
cd $GOPATH/src/github.com/containers/libpod
make
sudo make install PREFIX=/usr
```
For installing or building Podman, please see the [installation instructions](install.md).
## Familiarizing yourself with Podman
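Review bot: The relative link in the added line `[installation instructions](install.md)` resolves inside the tutorial's own directory, but URLs elsewhere in this commit place the tutorial at `docs/tutorials/podman_tutorial.md`, while install.md links `README.md` and `cni/README.md` as siblings, which suggests it sits at the repository root. If that is the layout, the link needs to be `../../install.md`. The removed Ubuntu section also carried the note about adding at least 5GB to the cloud image, and that note does not appear in the install.md hunks of this commit; consider moving it along with the build steps.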
@ -128,7 +23,7 @@ podman run -dt -p 8080:8080/tcp -e HTTPD_VAR_RUN=/var/run/httpd -e HTTPD_MAIN_CO
-e HTTPD_CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/httpd/ \
registry.fedoraproject.org/f27/httpd /usr/bin/run-httpd
```
Because the container is being run in detached mode, represented by the *-d* in the podman run command, podman
Because the container is being run in detached mode, represented by the *-d* in the `podman run` command, Podman
will print the container ID after it has run. Note that we use port forwarding to be able to
access the HTTP server. For successful running at least slirp4netns v0.3.0 is needed.
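Review bot: In the rewritten sentence the flag is still written as `*-d*` while the command beside it is now code-formatted as `podman run`; format the flag as `-d` as well so the two match. The context line "For successful running at least slirp4netns v0.3.0 is needed" would also read better with a comma after "running" while this paragraph is being touched.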


@ -8,7 +8,7 @@
sudo pacman -S podman
```
If you have problems when running podman in [rootless](README.md#rootless) mode follow [these instructions](https://wiki.archlinux.org/index.php/Linux_Containers#Enable_support_to_run_unprivileged_containers_(optional))
If you have problems when running Podman in [rootless](README.md#rootless) mode follow the instructions [here](https://wiki.archlinux.org/index.php/Linux_Containers#Enable_support_to_run_unprivileged_containers_(optional))
#### [Fedora](https://www.fedoraproject.org), [CentOS](https://www.centos.org)
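Review bot: The new link text `[here]` in the rootless sentence says less about its target than the previous `[these instructions]`; keep the descriptive link text and limit the change to capitalising Podman. The sentence still lacks a comma after "mode" and a closing full stop.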
@ -16,7 +16,6 @@ If you have problems when running podman in [rootless](README.md#rootless) mode
sudo yum -y install podman
```
#### [Fedora-CoreOS](https://coreos.fedoraproject.org), [Fedora SilverBlue](https://silverblue.fedoraproject.org)
Built-in, no need to install
@ -39,7 +38,7 @@ Built-in, no need to install
#### [RHEL7](https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux)
Subscribe, then enable Extras channel and install podman.
Subscribe, then enable Extras channel and install Podman.
```bash
sudo subscription-manager repos --enable=rhel-7-server-extras-rpms
@ -53,8 +52,12 @@ sudo yum module enable -y container-tools:1.0
sudo yum module install -y container-tools:1.0
```
### Installing development versions of Podman
#### [Ubuntu](https://www.ubuntu.com)
The latest builds are available in a PPA. Take note of the [Build and Run Dependencies](#build-and-run-dependencies) listed below if you run into any issues.
```bash
sudo apt-get update -qq
sudo apt-get install -qq -y software-properties-common uidmap
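Review bot: The added heading `### Installing development versions of Podman` sits directly above `#### [Ubuntu]`, so the PPA steps are now filed as a development build. If the PPA is also the intended way to get a release build on Ubuntu, say so in the sentence "The latest builds are available in a PPA", otherwise Ubuntu readers may find no entry in the list of released packages. It would also help to name the PPA in that sentence, since the line that adds it falls outside this hunk.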
@ -63,26 +66,21 @@ sudo apt-get update -qq
sudo apt-get -qq -y install podman
```
Take note of the [Build and Run Dependencies](#build-and-run-dependencies) listed below if you run into any issues.
#### Fedora
You can test the very latest Podman in Fedora's `updates-testing`
repository before it goes out to all Fedora users.
```console
sudo yum distro-sync --enablerepo=updates-testing podman
```
If you use a newer Podman package from Fedora's `updates-testing`, we would
appreciate your `+1` feedback in [Bodhi, Fedora's update management
system](https://bodhi.fedoraproject.org/updates/?packages=podman).
## Building from scratch
### Prerequisites
#### runc installed
The latest version of `runc` is expected to be installed on the system. It is picked up as the default runtime by podman.
#### conmon installed
The latest version of `conmon` is expected to be installed on the system. Conmon is used to monitor OCI Runtimes.
#### Setup CNI networking
A proper description of setting up CNI networking is given in the [`cni` README](cni/README.md).
But the gist is that you need to have some basic network configurations enabled and
CNI plugins installed on your system.
### Build and Run Dependencies
**Required**
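Review bot: The Fedora `updates-testing` block moved into this file keeps the `console` fence tag, while the other command blocks visible in install.md use `bash`; switch it to `bash` for consistency. The new `#### Fedora` heading is also plain text where the other distribution headings in this file are links, for example `#### [Ubuntu](https://www.ubuntu.com)`.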
@ -90,7 +88,7 @@ CNI plugins installed on your system.
Fedora, CentOS, RHEL, and related distributions:
```bash
yum install -y \
sudo yum install -y \
atomic-registries \
btrfs-progs-devel \
conmon \
@ -118,42 +116,133 @@ yum install -y \
Debian, Ubuntu, and related distributions:
```bash
apt-get install -y \
sudo apt-get install \
btrfs-tools \
git \
golang-go \
go-md2man \
iptables \
libassuan-dev \
libc6-dev \
libdevmapper-dev \
libglib2.0-dev \
libc6-dev \
libgpgme11-dev \
libgpgme-dev \
libgpg-error-dev \
libostree-dev \
libprotobuf-dev \
libprotobuf-c0-dev \
libseccomp-dev \
libselinux1-dev \
libsystemd-dev \
pkg-config \
runc \
uidmap
```
Debian, Ubuntu, and related distributions will also need to do the following setup:
### Building missing dependencies
* A copy of the development libraries for `ostree`, either in the form of the `libostree-dev` package from the [flatpak](https://launchpad.net/~alexlarsson/+archive/ubuntu/flatpak) PPA, or built [from source](https://github.com/ostreedev/ostree) (more on that [here](https://ostree.readthedocs.io/en/latest/#building)). As of Ubuntu 18.04, `libostree-dev` is available in the main repositories, and the PPA is no longer required.
* [Add required configuration files](https://github.com/containers/libpod/blob/master/docs/tutorials/podman_tutorial.md#adding-required-configuration-files)
* Install conmon, CNI plugins and runc
* [Install conmon](https://github.com/containers/libpod/blob/master/docs/tutorials/podman_tutorial.md#building-and-installing-conmon)
* [Install CNI plugins](https://github.com/containers/libpod/blob/master/docs/tutorials/podman_tutorial.md#installing-cni-plugins)
* [runc Installation](https://github.com/containers/libpod/blob/master/docs/tutorials/podman_tutorial.md#installing-runc) - Although installable, the latest runc is not available in the Ubuntu repos. Version 1.0.0-rc4 is the minimal requirement.
If any dependencies cannot be installed or are not sufficiently current, they have to be built from source.
This will mainly affect Debian, Ubuntu, and related distributions, or RHEL where no subscription is active (e.g. Cloud VMs).
**NOTE**
#### ostree
If using an older release or a long-term support release, be careful to double-check that the version of `runc` is new enough (running `runc --version` should produce `spec: 1.0.0`), or else [build](https://github.com/containers/libpod/blob/master/docs/tutorials/podman_tutorial.md#installing-runc) your own.
A copy of the development libraries for `ostree` is necessary, either in the form of the `libostree-dev` package
from the [flatpak](https://launchpad.net/~alexlarsson/+archive/ubuntu/flatpak) PPA,
or built [from source](https://github.com/ostreedev/ostree/blob/master/docs/contributing-tutorial.md)
(see also [here](https://ostree.readthedocs.io/en/latest/#building)). As of Ubuntu 18.04, `libostree-dev` is available in the main repositories,
and the PPA is no longer required.
Be careful to double-check that the version of golang is new enough, version 1.10.x or higher is required. If needed, golang kits are available at https://golang.org/dl/
To build, use the following (running `make` can take a while):
```bash
git clone https://github.com/ostreedev/ostree ~/ostree
cd ~/ostree
git submodule update --init
# for Fedora, CentOS, RHEL
sudo yum install -y automake bison e2fsprogs-devel fuse-devel libtool xz-devel zlib-devel
# for Debian, Ubuntu etc.
sudo apt-get install -y automake bison e2fsprogs fuse liblzma-dev libtool zlib1g
**Optional**
./autogen.sh --prefix=/usr --libdir=/usr/lib64 --sysconfdir=/etc
# remove --nonet option due to https:/github.com/ostreedev/ostree/issues/1374
sed -i '/.*--nonet.*/d' ./Makefile-man.am
make
sudo make install
```
#### golang
Be careful to double-check that the version of golang is new enough (i.e. `go version`), version 1.10.x or higher is required.
If needed, golang kits are available at https://golang.org/dl/. Alternatively, go can be built from source as follows
(it's helpful to leave the system-go installed, to avoid having to [bootstrap go](https://golang.org/doc/install/source):
```bash
export GOPATH=~/go
git clone https://go.googlesource.com/go $GOPATH
cd $GOPATH
git checkout tags/go1.10.8 # optional
cd src
./all.bash
export PATH=$GOPATH/bin:$PATH
```
#### conmon
The latest version of `conmon` is expected to be installed on the system. Conmon is used to monitor OCI Runtimes.
To build from source, use the following (if not already executed above, run `export GOPATH=~/go && mkdir -p $GOPATH`):
```bash
git clone https://github.com/cri-o/cri-o $GOPATH/src/github.com/cri-o/cri-o
cd $GOPATH/src/github.com/cri-o/cri-o
mkdir bin
make bin/conmon
sudo install -D -m 755 bin/conmon /usr/libexec/podman/conmon
```
#### runc
The latest version of `runc` is expected to be installed on the system. It is picked up as the default runtime by Podman.
Version 1.0.0-rc4 is the minimal requirement, which is available in Ubuntu 18.04 already.
To double-check, `runc --version` should produce at least `spec: 1.0.1`, otherwise build your own:
```bash
git clone https://github.com/opencontainers/runc.git $GOPATH/src/github.com/opencontainers/runc
cd $GOPATH/src/github.com/opencontainers/runc
make BUILDTAGS="selinux seccomp"
sudo cp runc /usr/bin/runc
```
#### CNI plugins
```bash
git clone https://github.com/containernetworking/plugins.git $GOPATH/src/github.com/containernetworking/plugins
cd $GOPATH/src/github.com/containernetworking/plugins
./build_linux.sh
sudo mkdir -p /usr/libexec/cni
sudo cp bin/* /usr/libexec/cni
```
#### Setup CNI networking
A proper description of setting up CNI networking is given in the [`cni` README](cni/README.md).
Using the CNI plugins from above, a more basic network config is achieved with:
```bash
mkdir -p /etc/cni/net.d
curl -qsSL https://raw.githubusercontent.com/containers/libpod/master/cni/87-podman-bridge.conflist | sudo tee /etc/cni/net.d/99-loopback.conf
```
#### Add configuration
```bash
sudo mkdir -p /etc/containers
sudo curl https://raw.githubusercontent.com/projectatomic/registries/master/registries.fedora -o /etc/containers/registries.conf
sudo curl https://raw.githubusercontent.com/containers/skopeo/master/default-policy.json -o /etc/containers/policy.json
```
#### Optional packages
Fedora, CentOS, RHEL, and related distributions:
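Review bot: In the `#### golang` block, `git clone https://go.googlesource.com/go $GOPATH` checks the Go source tree out into the same `~/go` directory that the conmon, runc and CNI steps then use as their workspace (`$GOPATH/src/github.com/...`), so the toolchain and the cloned projects end up in one tree; clone Go into a separate directory and add that directory's `bin` to `PATH`. The runc paragraph gives 1.0.0-rc4 as the minimum and then asks for `spec: 1.0.1`, where the removed note said `spec: 1.0.0`; the two should agree. In the CNI and configuration blocks, `mkdir -p /etc/cni/net.d` is missing `sudo`, the bridge conflist is saved under the name `99-loopback.conf`, and the two `sudo curl ... -o /etc/containers/...` lines have no `-f`, so an HTTP error body would be written into `registries.conf` or `policy.json` as root; both URLs also follow `master` rather than a fixed revision. Smaller points: the `apt-get install` line lost `-y` while the yum line keeps it, `--libdir=/usr/lib64` in the ostree build is applied to Debian and Ubuntu as well, the comment URL reads `https:/github.com` with one slash, and the parenthesis opened at "(it's helpful to leave the system-go installed" is never closed.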
@ -168,53 +257,38 @@ apt-get install -y \
### Get Source Code
As with other Go projects, PODMAN must be cloned into a directory structure like:
As with other Go projects, Podman must be cloned into a directory structure like:
```
GOPATH
└── src
└── github.com
└── containers
└── libpod
└── containers
└── libpod
```
First, configure a `GOPATH` (if you are using go1.8 or later, this defaults to `~/go`)
and then add $GOPATH/bin to your $PATH environment variable.
First, ensure that the go version that is found first on the $PATH (in case you built your own; see [above](#golang)) is sufficiently recent -
`go version` must be higher than 1.10.x). Then we can finally build Podman (assuming we already have a `$GOPATH` and the corresponding folder,
`export GOPATH=~/go && mkdir -p $GOPATH`):
```bash
export GOPATH=~/go
mkdir -p $GOPATH
export PATH=$PATH:$GOPATH/bin
git clone https://github.com/containers/libpod/ $GOPATH/src/github.com/containers/libpod
cd $GOPATH/src/github.com/containers/libpod
make BUILDTAGS="selinux seccomp"
sudo make install PREFIX=
```
Next, clone the source code using:
#### Build Tags
```bash
mkdir -p $GOPATH/src/github.com/containers
cd $_ # or cd $GOPATH/src/github.com/containers
git clone https://github.com/containers/libpod # or your fork
cd libpod
```
### Build
```bash
make install.tools
make
sudo make install
```
Otherwise, if you do not want to build `podman` with seccomp support you can add `BUILDTAGS=""` when running make.
Otherwise, if you do not want to build Podman with seccomp or selinux support you can add `BUILDTAGS=""` when running make.
```bash
make BUILDTAGS=""
sudo make install
```
#### Build Tags
`podman` supports optional build tags for compiling support of various features.
To add build tags to the make option the `BUILDTAGS` variable must be set.
Podman supports optional build tags for compiling support of various features.
To add build tags to the make option the `BUILDTAGS` variable must be set, for example:
```bash
make BUILDTAGS='seccomp apparmor'
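Review bot: The new build block ends with `sudo make install PREFIX=`, an empty prefix, whereas the tutorial text removed in this commit used `PREFIX=/usr`; give the intended value or drop the variable. The sentence before the block says `go version` must be higher than 1.10.x, which conflicts with "version 1.10.x or higher" in the golang section, and it carries an unmatched closing parenthesis. `make install.tools` is dropped from the build steps without a replacement or an explanation. The sentence beginning "Otherwise," now opens the Build Tags section with nothing before it to contrast with, and since `BUILDTAGS=""` builds Podman without seccomp and SELinux support, that section should state that consequence directly.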