@GiovanniGrieco
Last active May 20, 2022 09:03
Setup Podman on LXC

Before you start, please NOTE: this guide does not cover rootless containers!

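On a hypervisor with LXD installed, create a new container, ensuring that `-c security.nesting=true -c security.privileged=true` is set. A privileged LXD container runs without UID/GID mapping, so root inside the container is root on the hypervisor: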

lxc launch -c security.nesting=true -c security.privileged=true images:fedora/35 my-container

If the container already exists, set this parameter through lxc config:

lxc config set my-container security.nesting=true
lxc config set my-container security.privileged=true

Now enter the container

lxc exec my-container bash

and install podman. In 2022 your hypervisor may well run nftables instead of iptables, so check that installing podman does not accidentally pull in anything related to legacy iptables. On Fedora, you can make sure the nftables variant is installed like so:

dnf install podman iptables-nft

Now podman is ready to go for rootful containers!

podman run -it --rm alpine:latest sh  # test container
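
To verify the nftables versus legacy iptables point above, the following added example (not part of the original gist) classifies the backend reported by `iptables --version` on the hypervisor and inside the container and flags a mismatch. The function names and the sample version strings are constructed for illustration; `check_container` assumes it is run on the hypervisor with `lxc` available.

```shell
#!/bin/sh
# Added example, not from the original gist; function names are hypothetical.

# Classify `iptables --version` output. iptables 1.8+ prints a suffix such as
# "iptables v1.8.7 (nf_tables)" or "(legacy)"; older releases print no suffix
# and only speak the legacy kernel interface.
iptables_backend() {
    case "$1" in
        *"(nf_tables)"*) echo nft ;;
        *"(legacy)"*)    echo legacy ;;
        "iptables v"*)   echo legacy ;;
        *)               echo unknown ;;
    esac
}

# Succeeds only when both backends are known and identical.
same_backend() {
    [ "$1" != unknown ] && [ "$1" = "$2" ]
}

# Live check, run on the hypervisor: check_container my-container
check_container() {
    if command -v iptables >/dev/null 2>&1; then
        host=$(iptables_backend "$(iptables --version)")
    elif command -v nft >/dev/null 2>&1; then
        host=nft    # nftables-only hypervisor without the iptables front end
    else
        host=unknown
    fi
    guest=$(iptables_backend "$(lxc exec "$1" -- iptables --version 2>/dev/null)")
    if same_backend "$host" "$guest"; then
        echo "OK: $1 and the hypervisor both use $guest"
    else
        echo "MISMATCH: hypervisor=$host $1=$guest"
        return 1
    fi
}

# Demo on constructed version strings (not captured from a real system).
host=$(iptables_backend 'iptables v1.8.7 (nf_tables)')
guest=$(iptables_backend 'iptables v1.8.7 (legacy)')
if same_backend "$host" "$guest"; then
    echo "sample: backends agree ($guest)"
else
    echo "sample: hypervisor=$host container=$guest, install iptables-nft"
fi
```
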

Optionally, podman can act as a docker-compatible daemon by installing podman-docker and docker-compose, then enabling the service podman.service through `systemctl