A Vagrant setup (Vbox + Libvirt) for Podman on Fedora-Cloud-Base. Use Podman remote-client from MacOS.

Fedora VM for Podman

Use the Vagrant box provided by Fedora 36 (May 10, 2022) to run Podman, and MacOS to run the Podman client.

For x86_64 VirtualBox and LibVirt hosts.

setup

git clone https://gist.github.com/craig-m-unsw/db5cf800b8057f8e8401fde017c0c01b fedora-podman-vm
cd fedora-podman-vm
cat <<'EOF' >> .gitignore
.vagrant
local/
*.log
EOF
mkdir -pv local/
touch local/test.txt

Start the VM with Podman:

vagrant validate Vagrantfile
vagrant up

To test the VM, log in and start a container called test123:

vagrant ssh
tmux
podman info
podman --remote info
# Red Hat 8 Universal Base Image
podman run --name=test123 -it registry.access.redhat.com/ubi8/ubi /bin/bash

You should now have a root shell in this RH8 Universal Base Image. If you run podman ps from another shell in the VM, you can see this container.

Using

Use Podman from your host system (outside the VM).

If you want a front-end: https://github.com/containers/podman-desktop

MacOS

Install podman client: https://formulae.brew.sh/formula/podman

brew install podman

Set up the remote client:

myprivkey=$(vagrant ssh-config | grep IdentityFile | awk '{ print $2 }')
myport=$(vagrant ssh-config | grep Port | awk '{ print $2 }')
podman system connection add podmanvm "ssh://vagrant@127.0.0.1:${myport}/run/user/1000/podman/podman.sock" --identity "${myprivkey}"
podman system connection list
podman info
podman ps

You should see the container test123 still running in the output of podman ps.
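
An added example, not part of the original gist: the same connection settings with the host, port, user and key path read from `vagrant ssh-config` by exact keyword, so the setup does not depend on the hardcoded 127.0.0.1 address and survives a key path that contains spaces. The function names and the sample config are constructed for illustration; UID 1000 is the value used in the command above.

```shell
#!/bin/sh
# Added example (not from the gist): derive the Podman connection settings
# from `vagrant ssh-config` output instead of hardcoding host and port.

# ssh_config_value KEY: read ssh-config text on stdin and print the value of
# the first "KEY value" line. Spaces inside the value are kept, and double
# quotes around a path are stripped.
ssh_config_value() {
    awk -v key="$1" '
        $1 == key {
            sub(/^[ \t]*[^ \t]+[ \t]+/, "")   # drop the keyword
            sub(/[ \t\r]+$/, "")              # drop trailing whitespace
            gsub(/^"|"$/, "")                 # drop surrounding quotes
            print; exit
        }'
}

# podman_uri CONFIG [UID]: print the ssh:// URI of the rootless Podman socket.
# UID defaults to 1000, the value the page uses for the vagrant user.
podman_uri() {
    cfg=$1 uid=${2:-1000}
    host=$(printf '%s\n' "$cfg" | ssh_config_value HostName)
    port=$(printf '%s\n' "$cfg" | ssh_config_value Port)
    user=$(printf '%s\n' "$cfg" | ssh_config_value User)
    # Refuse to build a URI from incomplete or unexpected output.
    case $port in ''|*[!0-9]*) echo "bad Port: '$port'" >&2; return 1 ;; esac
    [ -n "$host" ] && [ -n "$user" ] || { echo "missing HostName/User" >&2; return 1; }
    printf 'ssh://%s@%s:%s/run/user/%s/podman/podman.sock\n' \
        "$user" "$host" "$port" "$uid"
}

# Constructed sample of `vagrant ssh-config` output (the path is made up).
SAMPLE_CFG='Host default
  HostName 127.0.0.1
  User vagrant
  Port 2222
  IdentityFile "/Users/me/my projects/fedora-podman-vm/.vagrant/machines/default/virtualbox/private_key"
  IdentitiesOnly yes'

# Real use, from the directory holding the Vagrantfile:
#   cfg=$(vagrant ssh-config)
#   podman system connection add podmanvm "$(podman_uri "$cfg")" \
#       --identity "$(printf '%s\n' "$cfg" | ssh_config_value IdentityFile)"
```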

Run another container:

podman run hello-world

The Client/Server information output from podman version:

Client:       Podman Engine
Version:      4.2.1
API Version:  4.2.1
Go Version:   go1.18.6
Built:        Wed Sep  7 05:16:02 2022
OS/Arch:      darwin/amd64

Server:       Podman Engine
Version:      4.2.1
API Version:  4.2.1
Go Version:   go1.18.5
Built:        Thu Sep  8 05:58:19 2022
OS/Arch:      linux/amd64

To clean up, run from the host:

podman system connection remove podmanvm
vagrant destroy

container

See the example Dockerfile.

Build and run from the host:

podman build . -t sysadm1
podman run -it sysadm1 /bin/bash

docs

Dockerfile

FROM ubuntu:latest
LABEL random.description="misc tooling container"

# generate the en_US.UTF-8 locale
RUN apt-get update && apt-get install -y locales \
    && localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
ENV LANG=en_US.utf8
ENV TZ=Etc/UTC

# tooling; the apt package lists are removed once the install is done
RUN apt-get install -y -q \
    tmux vim git curl whois lynx python3 python3-pip python3-venv \
    man man-db && rm -rf /var/lib/apt/lists/*

# non-root user that the container runs as
RUN groupadd --system sysadmin && \
    useradd --system --gid sysadmin --home-dir /home/sysadmin --shell /bin/bash \
    --comment "non root user" sysadmin && \
    mkdir -pv /home/sysadmin/docs /mnt/remote && \
    chown sysadmin:sysadmin /home/sysadmin /mnt/remote
ENV HOME=/home/sysadmin
USER sysadmin
WORKDIR /home/sysadmin
CMD ["bash"]

Vagrantfile

Vagrant.require_version ">= 2.3.0"

BOX_BASE_URL = "https://download-cc-rdu01.fedoraproject.org/pub/fedora/linux/releases/36/Cloud/x86_64/images/"
BOX_PREFIX = "Fedora-Cloud-Base-Vagrant-36-1.5.x86_64"

# runs as root inside the VM
$script_prov_root = <<-SCRIPT
dnf update -x kernel-* -y
# install podman and tools
dnf install -y tmux git curl vim htop bats gcc redhat-lsb-core \
make automake autoconf gettext python3-virtualenv python3-pip \
podman skopeo buildah libvarlink-util libvarlink dbus-daemon
# podman group
groupadd -f -r podman
usermod -aG podman vagrant
# setup podman
systemctl daemon-reload
systemctl enable --user podman.socket
systemctl start --user podman.socket
echo "d /run/podman 0770 root podman" > /etc/tmpfiles.d/podman.conf
systemd-tmpfiles --create
systemctl restart podman.socket
loginctl enable-linger vagrant
SCRIPT

# runs as the vagrant user inside the VM
$script_prov_user = <<-SCRIPT
systemctl --user enable podman.service
systemctl --user start podman.service
mkdir -pv ~/{.local,temp,downloads,vol1}
echo "test123" > ~/vol1/test.txt
SCRIPT

Vagrant.configure("2") do |config|
  config.vm.box = "fedora/36-cloud-base"

  # VM options
  config.vm.box_check_update = false
  config.vm.synced_folder "./source", "/vagrant", disabled: true
  config.ssh.keep_alive = true
  config.ssh.compression = false
  config.ssh.forward_agent = false
  config.ssh.insert_key = true

  # VirtualBox
  config.vm.provider :virtualbox do |virtualbox, override|
    # box image download, pinned to a sha256 checksum
    override.vm.box_url = BOX_BASE_URL + BOX_PREFIX + ".vagrant-virtualbox.box"
    override.vm.box_download_checksum_type = "sha256"
    override.vm.box_download_checksum = "127ee8586e690a9b2251ba5d4a2ed522051b9f8c7efaf1f2bc4aa8b3b9cb5ec1"
    # sys
    virtualbox.gui = false
    virtualbox.memory = 4096
    virtualbox.cpus = 4
    virtualbox.check_guest_additions = true
  end

  # LibVirt
  config.vm.provider :libvirt do |libv, override|
    # box image download, pinned to a sha256 checksum
    override.vm.box_url = BOX_BASE_URL + BOX_PREFIX + ".vagrant-libvirt.box"
    override.vm.box_download_checksum_type = "sha256"
    override.vm.box_download_checksum = "afa6304fddb15aaa1a4877c251ac15482726877c86861ed23385ef9f7750f9c0"
  end

  # provision scripts
  config.vm.provision :shell,
    name: "root setup script",
    inline: $script_prov_root,
    :privileged => true
  config.vm.provision :shell,
    name: "user setup script",
    inline: $script_prov_user,
    :privileged => false
end