Merge pull request #3068 from h-vetinari/master
Update installation instructions
This commit is contained in:
		
						commit
						9ae32214f4
					
				|  | @ -8,114 +8,9 @@ commands with Podman. | |||
| **NOTE**: the code samples are intended to be run as a non-root user, and use `sudo` where | ||||
| root escalation is required. | ||||
| 
 | ||||
| ## Install Podman on Fedora from RPM Repositories | ||||
| Fedora 27 and later provide Podman via the package manager. | ||||
| ```console | ||||
| sudo dnf install -y podman | ||||
| ``` | ||||
| ## Installing Podman | ||||
| 
 | ||||
| *Optional*: If you've already installed podman on Fedora and you're feeling | ||||
| adventerous, you can test the very latest podman in Fedora's `updates-testing` | ||||
| repository before it goes out to all Fedora users. | ||||
| ```console | ||||
| sudo yum distro-sync --enablerepo=updates-testing podman | ||||
| ``` | ||||
| 
 | ||||
| If you use a newer podman package from Fedora's `updates-testing`, we would | ||||
| appreciate your `+1` feedback in [Bodhi, Fedora's update management | ||||
| system](https://bodhi.fedoraproject.org/updates/?packages=podman). | ||||
| 
 | ||||
| ## Install Podman on Fedora from Source | ||||
| Many of the basic components to run Podman are readily available from the Fedora RPM repositories. | ||||
| In this section, we will help you install all the runtime and build dependencies for Podman, | ||||
| acquire the source, and build it. | ||||
| 
 | ||||
| ### Installing build and runtime dependencies | ||||
| ```console | ||||
| sudo dnf install -y git runc libassuan-devel golang golang-github-cpuguy83-go-md2man glibc-static \ | ||||
|                                   gpgme-devel glib2-devel device-mapper-devel libseccomp-devel \ | ||||
|                                   atomic-registries iptables containers-common containernetworking-cni \ | ||||
|                                   conmon ostree-devel | ||||
| ``` | ||||
| ### Building and installing podman | ||||
| 
 | ||||
| First, configure a `GOPATH` (if you are using go1.8 or later, this defaults to `~/go`), then clone | ||||
| and make libpod. | ||||
| 
 | ||||
| ```console | ||||
| export GOPATH=~/go | ||||
| mkdir -p $GOPATH | ||||
| git clone https://github.com/containers/libpod/ $GOPATH/src/github.com/containers/libpod | ||||
| cd $GOPATH/src/github.com/containers/libpod | ||||
| make | ||||
| sudo make install PREFIX=/usr | ||||
| ``` | ||||
| 
 | ||||
| You now have a working podman environment.  Jump to [Familiarizing yourself with Podman](#familiarizing-yourself-with-podman) | ||||
| to begin using Podman. | ||||
| 
 | ||||
| ## Install podman on Ubuntu | ||||
| 
 | ||||
| The default Ubuntu cloud image size will not allow for the following exercise to be done without increasing its | ||||
| capacity.  Be sure to add at least 5GB to the image. Instructions to do this are outside the scope of this | ||||
| tutorial. For this tutorial, the Ubuntu **artful-server-cloudimg** image was used. | ||||
| 
 | ||||
| ### Installing build and runtime dependencies | ||||
| 
 | ||||
| #### Installing base packages | ||||
| ```console | ||||
| sudo apt-get update | ||||
| sudo apt-get install libdevmapper-dev libglib2.0-dev libgpgme11-dev golang libseccomp-dev libostree-dev \ | ||||
|                         go-md2man libprotobuf-dev libprotobuf-c0-dev libseccomp-dev python3-setuptools | ||||
| ``` | ||||
| #### Building and installing conmon | ||||
| First, configure a `GOPATH` (if you are using go1.8 or later, this defaults to `~/go`), then clone | ||||
| and make libpod. | ||||
| 
 | ||||
| ```console | ||||
| export GOPATH=~/go | ||||
| mkdir -p $GOPATH | ||||
| git clone https://github.com/kubernetes-sigs/cri-o $GOPATH/src/github.com/kubernetes-sigs/cri-o | ||||
| cd $GOPATH/src/github.com/kubernetes-sigs/cri-o | ||||
| mkdir bin | ||||
| make bin/conmon | ||||
| sudo install -D -m 755 bin/conmon /usr/libexec/podman/conmon | ||||
| ``` | ||||
| #### Adding required configuration files | ||||
| ```console | ||||
| sudo mkdir -p /etc/containers | ||||
| sudo curl https://raw.githubusercontent.com/projectatomic/registries/master/registries.fedora -o /etc/containers/registries.conf | ||||
| sudo curl https://raw.githubusercontent.com/containers/skopeo/master/default-policy.json -o /etc/containers/policy.json | ||||
| ``` | ||||
| #### Installing CNI plugins | ||||
| ```console | ||||
| git clone https://github.com/containernetworking/plugins.git $GOPATH/src/github.com/containernetworking/plugins | ||||
| cd $GOPATH/src/github.com/containernetworking/plugins | ||||
| ./build_linux.sh | ||||
| sudo mkdir -p /usr/libexec/cni | ||||
| sudo cp bin/* /usr/libexec/cni | ||||
| ``` | ||||
| #### Installing CNI config | ||||
| Add a most basic network config | ||||
| ```console | ||||
| mkdir -p /etc/cni/net.d | ||||
| curl -qsSL https://raw.githubusercontent.com/containers/libpod/master/cni/87-podman-bridge.conflist | sudo tee /etc/cni/net.d/99-loopback.conf | ||||
| ``` | ||||
| #### Installing runc | ||||
| ```console | ||||
| git clone https://github.com/opencontainers/runc.git $GOPATH/src/github.com/opencontainers/runc | ||||
| cd $GOPATH/src/github.com/opencontainers/runc | ||||
| make BUILDTAGS="seccomp" | ||||
| sudo cp runc /usr/bin/runc | ||||
| ``` | ||||
| 
 | ||||
| ### Building and installing Podman | ||||
| ```console | ||||
| git clone https://github.com/containers/libpod/ $GOPATH/src/github.com/containers/libpod | ||||
| cd $GOPATH/src/github.com/containers/libpod | ||||
| make | ||||
| sudo make install PREFIX=/usr | ||||
| ``` | ||||
| For installing or building Podman, please see the [installation instructions](install.md). | ||||
| 
 | ||||
| ## Familiarizing yourself with Podman | ||||
| 
 | ||||
|  | @ -128,7 +23,7 @@ podman run -dt -p 8080:8080/tcp -e HTTPD_VAR_RUN=/var/run/httpd -e HTTPD_MAIN_CO | |||
|                   -e HTTPD_CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/httpd/ \ | ||||
|                   registry.fedoraproject.org/f27/httpd /usr/bin/run-httpd | ||||
| ``` | ||||
| Because the container is being run in detached mode, represented by the *-d* in the podman run command, podman | ||||
| Because the container is being run in detached mode, represented by the *-d* in the `podman run` command, Podman | ||||
| will print the container ID after it has run. Note that we use port forwarding to be able to | ||||
| access the HTTP server. For successful running at least slirp4netns v0.3.0 is needed. | ||||
| 
 | ||||
|  |  | |||
							
								
								
									
										202
									
								
								install.md
								
								
								
								
							
							
						
						
									
										202
									
								
								install.md
								
								
								
								
							|  | @ -8,7 +8,7 @@ | |||
| sudo pacman -S podman | ||||
| ``` | ||||
| 
 | ||||
| If you have problems when running podman in [rootless](README.md#rootless) mode follow [these instructions](https://wiki.archlinux.org/index.php/Linux_Containers#Enable_support_to_run_unprivileged_containers_(optional)) | ||||
| If you have problems when running Podman in [rootless](README.md#rootless) mode follow the instructions [here](https://wiki.archlinux.org/index.php/Linux_Containers#Enable_support_to_run_unprivileged_containers_(optional)) | ||||
| 
 | ||||
| #### [Fedora](https://www.fedoraproject.org), [CentOS](https://www.centos.org) | ||||
| 
 | ||||
|  | @ -16,7 +16,6 @@ If you have problems when running podman in [rootless](README.md#rootless) mode | |||
| sudo yum -y install podman | ||||
| ``` | ||||
| 
 | ||||
| 
 | ||||
| #### [Fedora-CoreOS](https://coreos.fedoraproject.org), [Fedora SilverBlue](https://silverblue.fedoraproject.org) | ||||
| 
 | ||||
| Built-in, no need to install | ||||
|  | @ -39,7 +38,7 @@ Built-in, no need to install | |||
| 
 | ||||
| #### [RHEL7](https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux) | ||||
| 
 | ||||
| Subscribe, then enable Extras channel and install podman. | ||||
| Subscribe, then enable Extras channel and install Podman. | ||||
| 
 | ||||
| ```bash | ||||
| sudo subscription-manager repos --enable=rhel-7-server-extras-rpms | ||||
|  | @ -53,8 +52,12 @@ sudo yum module enable -y container-tools:1.0 | |||
| sudo yum module install -y container-tools:1.0 | ||||
| ``` | ||||
| 
 | ||||
| ### Installing development versions of Podman | ||||
| 
 | ||||
| #### [Ubuntu](https://www.ubuntu.com) | ||||
| 
 | ||||
| The latest builds are available in a PPA. Take note of the [Build and Run Dependencies](#build-and-run-dependencies) listed below if you run into any issues. | ||||
| 
 | ||||
| ```bash | ||||
| sudo apt-get update -qq | ||||
| sudo apt-get install -qq -y software-properties-common uidmap | ||||
|  | @ -63,26 +66,21 @@ sudo apt-get update -qq | |||
| sudo apt-get -qq -y install podman | ||||
| ``` | ||||
| 
 | ||||
| Take note of the [Build and Run Dependencies](#build-and-run-dependencies) listed below if you run into any issues. | ||||
| #### Fedora | ||||
| 
 | ||||
| You can test the very latest Podman in Fedora's `updates-testing` | ||||
| repository before it goes out to all Fedora users. | ||||
| 
 | ||||
| ```console | ||||
| sudo yum distro-sync --enablerepo=updates-testing podman | ||||
| ``` | ||||
| 
 | ||||
| If you use a newer Podman package from Fedora's `updates-testing`, we would | ||||
| appreciate your `+1` feedback in [Bodhi, Fedora's update management | ||||
| system](https://bodhi.fedoraproject.org/updates/?packages=podman). | ||||
| 
 | ||||
| ## Building from scratch | ||||
| 
 | ||||
| ### Prerequisites | ||||
| 
 | ||||
| #### runc installed | ||||
| 
 | ||||
| The latest version of `runc` is expected to be installed on the system. It is picked up as the default runtime by podman. | ||||
| 
 | ||||
| #### conmon installed | ||||
| 
 | ||||
| The latest version of `conmon` is expected to be installed on the system. Conmon is used to monitor OCI Runtimes. | ||||
| 
 | ||||
| #### Setup CNI networking | ||||
| 
 | ||||
| A proper description of setting up CNI networking is given in the [`cni` README](cni/README.md). | ||||
| But the gist is that you need to have some basic network configurations enabled and | ||||
| CNI plugins installed on your system. | ||||
| 
 | ||||
| ### Build and Run Dependencies | ||||
| 
 | ||||
| **Required** | ||||
|  | @ -90,7 +88,7 @@ CNI plugins installed on your system. | |||
| Fedora, CentOS, RHEL, and related distributions: | ||||
| 
 | ||||
| ```bash | ||||
| yum install -y \ | ||||
| sudo yum install -y \ | ||||
|   atomic-registries \ | ||||
|   btrfs-progs-devel \ | ||||
|   conmon \ | ||||
|  | @ -118,42 +116,133 @@ yum install -y \ | |||
| Debian, Ubuntu, and related distributions: | ||||
| 
 | ||||
| ```bash | ||||
| apt-get install -y \ | ||||
| sudo apt-get install \ | ||||
|   btrfs-tools \ | ||||
|   git \ | ||||
|   golang-go \ | ||||
|   go-md2man \ | ||||
|   iptables \ | ||||
|   libassuan-dev \ | ||||
|   libc6-dev \ | ||||
|   libdevmapper-dev \ | ||||
|   libglib2.0-dev \ | ||||
|   libc6-dev \ | ||||
|   libgpgme11-dev \ | ||||
|   libgpgme-dev \ | ||||
|   libgpg-error-dev \ | ||||
|   libostree-dev \ | ||||
|   libprotobuf-dev \ | ||||
|   libprotobuf-c0-dev \ | ||||
|   libseccomp-dev \ | ||||
|   libselinux1-dev \ | ||||
|   libsystemd-dev \ | ||||
|   pkg-config \ | ||||
|   runc \ | ||||
|   uidmap | ||||
| ``` | ||||
| 
 | ||||
| Debian, Ubuntu, and related distributions will also need to do the following setup: | ||||
| ### Building missing dependencies | ||||
| 
 | ||||
|  * A copy of the development libraries for `ostree`, either in the form of the `libostree-dev` package from the [flatpak](https://launchpad.net/~alexlarsson/+archive/ubuntu/flatpak) PPA, or built [from source](https://github.com/ostreedev/ostree) (more on that [here](https://ostree.readthedocs.io/en/latest/#building)). As of Ubuntu 18.04, `libostree-dev` is available in the main repositories, and the PPA is no longer required. | ||||
|  * [Add required configuration files](https://github.com/containers/libpod/blob/master/docs/tutorials/podman_tutorial.md#adding-required-configuration-files) | ||||
|  * Install conmon, CNI plugins and runc | ||||
|    * [Install conmon](https://github.com/containers/libpod/blob/master/docs/tutorials/podman_tutorial.md#building-and-installing-conmon) | ||||
|    * [Install CNI plugins](https://github.com/containers/libpod/blob/master/docs/tutorials/podman_tutorial.md#installing-cni-plugins) | ||||
|    * [runc Installation](https://github.com/containers/libpod/blob/master/docs/tutorials/podman_tutorial.md#installing-runc) - Although installable, the latest runc is not available in the Ubuntu repos. Version 1.0.0-rc4 is the minimal requirement. | ||||
| If any dependencies cannot be installed or are not sufficiently current, they have to be built from source. | ||||
| This will mainly affect Debian, Ubuntu, and related distributions, or RHEL where no subscription is active (e.g. Cloud VMs). | ||||
| 
 | ||||
| **NOTE** | ||||
| #### ostree | ||||
| 
 | ||||
| If using an older release or a long-term support release, be careful to double-check that the version of `runc` is new enough (running `runc --version` should produce `spec: 1.0.0`), or else [build](https://github.com/containers/libpod/blob/master/docs/tutorials/podman_tutorial.md#installing-runc) your own. | ||||
| A copy of the development libraries for `ostree` is necessary, either in the form of the `libostree-dev` package | ||||
| from the [flatpak](https://launchpad.net/~alexlarsson/+archive/ubuntu/flatpak) PPA, | ||||
| or built [from source](https://github.com/ostreedev/ostree/blob/master/docs/contributing-tutorial.md) | ||||
| (see also [here](https://ostree.readthedocs.io/en/latest/#building)). As of Ubuntu 18.04, `libostree-dev` is available in the main repositories, | ||||
| and the PPA is no longer required. | ||||
| 
 | ||||
| Be careful to double-check that the version of golang is new enough, version 1.10.x or higher is required.  If needed, golang kits are available at https://golang.org/dl/ | ||||
| To build, use the following (running `make` can take a while): | ||||
| ```bash | ||||
| git clone https://github.com/ostreedev/ostree ~/ostree | ||||
| cd ~/ostree | ||||
| git submodule update --init | ||||
| # for Fedora, CentOS, RHEL | ||||
| sudo yum install -y automake bison e2fsprogs-devel fuse-devel libtool xz-devel zlib-devel | ||||
| # for Debian, Ubuntu etc. | ||||
| sudo apt-get install -y automake bison e2fsprogs fuse liblzma-dev libtool zlib1g | ||||
| 
 | ||||
| **Optional** | ||||
| ./autogen.sh --prefix=/usr --libdir=/usr/lib64 --sysconfdir=/etc | ||||
| # remove --nonet option due to https:/github.com/ostreedev/ostree/issues/1374 | ||||
| sed -i '/.*--nonet.*/d' ./Makefile-man.am | ||||
| make | ||||
| sudo make install | ||||
| ``` | ||||
| 
 | ||||
| #### golang | ||||
| 
 | ||||
| Be careful to double-check that the version of golang is new enough (i.e. `go version`), version 1.10.x or higher is required. | ||||
| If needed, golang kits are available at https://golang.org/dl/. Alternatively, go can be built from source as follows | ||||
| (it's helpful to leave the system-go installed, to avoid having to [bootstrap go](https://golang.org/doc/install/source): | ||||
| 
 | ||||
| ```bash | ||||
| export GOPATH=~/go | ||||
| git clone https://go.googlesource.com/go $GOPATH | ||||
| cd $GOPATH | ||||
| git checkout tags/go1.10.8  # optional | ||||
| cd src | ||||
| ./all.bash | ||||
| export PATH=$GOPATH/bin:$PATH | ||||
| ``` | ||||
| 
 | ||||
| #### conmon | ||||
| 
 | ||||
| The latest version of `conmon` is expected to be installed on the system. Conmon is used to monitor OCI Runtimes. | ||||
| To build from source, use the following (if not already executed above, run `export GOPATH=~/go && mkdir -p $GOPATH`): | ||||
| 
 | ||||
| ```bash | ||||
| git clone https://github.com/cri-o/cri-o $GOPATH/src/github.com/cri-o/cri-o | ||||
| cd $GOPATH/src/github.com/cri-o/cri-o | ||||
| mkdir bin | ||||
| make bin/conmon | ||||
| sudo install -D -m 755 bin/conmon /usr/libexec/podman/conmon | ||||
| ``` | ||||
| 
 | ||||
| #### runc | ||||
| 
 | ||||
| The latest version of `runc` is expected to be installed on the system. It is picked up as the default runtime by Podman. | ||||
| Version 1.0.0-rc4 is the minimal requirement, which is available in Ubuntu 18.04 already. | ||||
| To double-check, `runc --version` should produce at least `spec: 1.0.1`, otherwise build your own: | ||||
| 
 | ||||
| ```bash | ||||
| git clone https://github.com/opencontainers/runc.git $GOPATH/src/github.com/opencontainers/runc | ||||
| cd $GOPATH/src/github.com/opencontainers/runc | ||||
| make BUILDTAGS="selinux seccomp" | ||||
| sudo cp runc /usr/bin/runc | ||||
| ``` | ||||
| 
 | ||||
| #### CNI plugins | ||||
| 
 | ||||
| ```bash | ||||
| git clone https://github.com/containernetworking/plugins.git $GOPATH/src/github.com/containernetworking/plugins | ||||
| cd $GOPATH/src/github.com/containernetworking/plugins | ||||
| ./build_linux.sh | ||||
| sudo mkdir -p /usr/libexec/cni | ||||
| sudo cp bin/* /usr/libexec/cni | ||||
| ``` | ||||
| 
 | ||||
| #### Setup CNI networking | ||||
| 
 | ||||
| A proper description of setting up CNI networking is given in the [`cni` README](cni/README.md). | ||||
| 
 | ||||
| Using the CNI plugins from above, a more basic network config is achieved with: | ||||
| 
 | ||||
| ```bash | ||||
| mkdir -p /etc/cni/net.d | ||||
| curl -qsSL https://raw.githubusercontent.com/containers/libpod/master/cni/87-podman-bridge.conflist | sudo tee /etc/cni/net.d/99-loopback.conf | ||||
| ``` | ||||
| 
 | ||||
| 
 | ||||
| #### Add configuration | ||||
| 
 | ||||
| ```bash | ||||
| sudo mkdir -p /etc/containers | ||||
| sudo curl https://raw.githubusercontent.com/projectatomic/registries/master/registries.fedora -o /etc/containers/registries.conf | ||||
| sudo curl https://raw.githubusercontent.com/containers/skopeo/master/default-policy.json -o /etc/containers/policy.json | ||||
| ``` | ||||
| 
 | ||||
| 
 | ||||
| #### Optional packages | ||||
| 
 | ||||
| Fedora, CentOS, RHEL, and related distributions: | ||||
| 
 | ||||
|  | @ -168,53 +257,38 @@ apt-get install -y \ | |||
| 
 | ||||
| ### Get Source Code | ||||
| 
 | ||||
| As with other Go projects, PODMAN must be cloned into a directory structure like: | ||||
| As with other Go projects, Podman must be cloned into a directory structure like: | ||||
| 
 | ||||
| ``` | ||||
| GOPATH | ||||
| └── src | ||||
|     └── github.com | ||||
| 	└── containers | ||||
| 	    └── libpod | ||||
|         └── containers | ||||
|             └── libpod | ||||
| ``` | ||||
| 
 | ||||
| First, configure a `GOPATH` (if you are using go1.8 or later, this defaults to `~/go`) | ||||
| and then add $GOPATH/bin to your $PATH environment variable. | ||||
| First, ensure that the go version that is found first on the $PATH (in case you built your own; see [above](#golang)) is sufficiently recent - | ||||
| `go version` must be higher than 1.10.x). Then we can finally build Podman (assuming we already have a `$GOPATH` and the corresponding folder, | ||||
| `export GOPATH=~/go && mkdir -p $GOPATH`): | ||||
| 
 | ||||
| ```bash | ||||
| export GOPATH=~/go | ||||
| mkdir -p $GOPATH | ||||
| export PATH=$PATH:$GOPATH/bin | ||||
| git clone https://github.com/containers/libpod/ $GOPATH/src/github.com/containers/libpod | ||||
| cd $GOPATH/src/github.com/containers/libpod | ||||
| make BUILDTAGS="selinux seccomp" | ||||
| sudo make install PREFIX= | ||||
| ``` | ||||
| 
 | ||||
| Next, clone the source code using: | ||||
| #### Build Tags | ||||
| 
 | ||||
| ```bash | ||||
| mkdir -p $GOPATH/src/github.com/containers | ||||
| cd $_ # or cd $GOPATH/src/github.com/containers | ||||
| git clone https://github.com/containers/libpod # or your fork | ||||
| cd libpod | ||||
| ``` | ||||
| 
 | ||||
| ### Build | ||||
| 
 | ||||
| ```bash | ||||
| make install.tools | ||||
| make | ||||
| sudo make install | ||||
| ``` | ||||
| 
 | ||||
| Otherwise, if you do not want to build `podman` with seccomp support you can add `BUILDTAGS=""` when running make. | ||||
| Otherwise, if you do not want to build Podman with seccomp or selinux support you can add `BUILDTAGS=""` when running make. | ||||
| 
 | ||||
| ```bash | ||||
| make BUILDTAGS="" | ||||
| sudo make install | ||||
| ``` | ||||
| 
 | ||||
| #### Build Tags | ||||
| 
 | ||||
| `podman` supports optional build tags for compiling support of various features. | ||||
| To add build tags to the make option the `BUILDTAGS` variable must be set. | ||||
| Podman supports optional build tags for compiling support of various features. | ||||
| To add build tags to the make option the `BUILDTAGS` variable must be set, for example: | ||||
| 
 | ||||
| ```bash | ||||
| make BUILDTAGS='seccomp apparmor' | ||||
|  |  | |||
		Loading…
	
		Reference in New Issue