Podman: Difference between revisions
imported>TyberiusPrime No edit summary |
imported>RohanHart podman with ZFS |
||
Line 17: | Line 17: | ||
</syntaxHighlight> | </syntaxHighlight> | ||
=== Using podman with ZFS === | |||
For root using ZFS podman needs access to the ZFS tools. | |||
<syntaxHighlight lang="nix"> | |||
virtualisation.podman.extraPackages = [ pkgs.zfs ]; | |||
</syntaxHighlight> | |||
Rootless can't use ZFS directly but the overlay needs POSIX ACL enabled for the underlying ZFS filesystem, ie., <code>acltype=posixacl</code> | |||
== Use Podman within nix-shell == | == Use Podman within nix-shell == |
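Review bot: In the added "Using podman with ZFS" section, the rootless sentence joins two statements with "but" although the second is not a contrast to the first, and it gives the property value without saying where it is set. Suggest splitting it: one sentence that rootless podman can't use ZFS directly, and one that the overlay needs POSIX ACL enabled on the underlying ZFS filesystem via acltype=posixacl. Also write "i.e." instead of "ie.,", end the sentence with a period, and add a comma after "For root using ZFS" so the first sentence parses.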
Revision as of 04:20, 9 February 2022
Podman can run rootless containers and be a drop-in replacement for Docker.
Install and configure podman with NixOS service configuration
{ pkgs, ... }:
{
  virtualisation = {
    podman = {
      enable = true;
      # Create a `docker` alias for podman, to use it as a drop-in replacement
      dockerCompat = true;
    };
  };
}
Using podman with ZFS
When root uses ZFS, podman needs access to the ZFS tools.
virtualisation.podman.extraPackages = [ pkgs.zfs ];
Rootless podman can't use ZFS directly, but the overlay needs POSIX ACLs enabled on the underlying ZFS filesystem, i.e. acltype=posixacl.
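A way to check the acltype requirement above before starting rootless containers, as an added example that is not part of the wiki page. It assumes the default rootless storage path $HOME/.local/share/containers/storage (pass another path as the first argument) and that findmnt and the zfs tool are on PATH; the function name check_podman_acl is made up for this example.

```shell
#!/bin/sh
# Added example: verify that the ZFS dataset backing rootless podman
# storage has POSIX ACLs enabled. Not code from the wiki page.
# Exit status: 0 = fine, 1 = ZFS without POSIX ACLs, 2 = could not check.

check_podman_acl() {
    # Assumption: default rootless storage location unless a path is given.
    dir=${1:-"$HOME/.local/share/containers/storage"}

    # The storage directory may not exist before the first container run;
    # walk up to the nearest existing ancestor so findmnt can resolve it.
    while [ ! -e "$dir" ] && [ "$dir" != "/" ]; do
        dir=$(dirname "$dir")
    done

    # SOURCE is the dataset name on ZFS, FSTYPE the filesystem type.
    mnt=$(findmnt -n -o SOURCE,FSTYPE --target "$dir") || {
        echo "cannot resolve the mount for $dir" >&2
        return 2
    }
    dataset=${mnt%% *}
    fstype=${mnt##* }

    if [ "$fstype" != "zfs" ]; then
        echo "$dir is on $fstype, not ZFS: nothing to check"
        return 0
    fi

    acl=$(zfs get -H -o value acltype "$dataset") || {
        echo "cannot read acltype of $dataset" >&2
        return 2
    }

    # Depending on the OpenZFS version, the enabled value is reported
    # as "posixacl" or "posix"; both are accepted here.
    case $acl in
        posixacl|posix)
            echo "$dataset: acltype=$acl, OK for the rootless overlay"
            return 0 ;;
        *)
            echo "$dataset: acltype=$acl, the rootless overlay needs POSIX ACLs"
            echo "fix (as root): zfs set acltype=posixacl $dataset"
            return 1 ;;
    esac
}
```

Call it as check_podman_acl, or with the storage path of another user, and act on the exit status.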
Use Podman within nix-shell
https://gist.github.com/adisbladis/187204cb772800489ee3dac4acdd9947
Note that rootless podman requires newuidmap (from shadow). If you're not on NixOS, this cannot be supplied by the Nix package 'shadow', since setuid/setgid programs are not currently supported by Nix.
Run Podman containers as systemd services
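{
  # Use podman as the backend for declaratively defined containers
  virtualisation.oci-containers.backend = "podman";
  virtualisation.oci-containers.containers = {
    container-name = {
      image = "container-image";
      autoStart = true;
      # Publish container port 1234 on the host's loopback address only
      ports = [ "127.0.0.1:1234:1234" ];
    };
  };
}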