Skip to content

Instantly share code, notes, and snippets.

Last active Feb 1, 2022
What would you like to do?
Rootful Podman on RockyLinux for lima-vm
# Example to use Podman instead of containerd & nerdctl
# $ limactl start ./podman.yaml
# $ limactl shell podman podman run -it -v $HOME:$HOME --rm
# To run `podman` on the host (assumes podman-remote is installed):
# $ export CONTAINER_HOST=$(limactl list podman --format 'unix://{{.Dir}}/sock/podman.sock')
# $ podman --remote ...
# To run `docker` on the host (assumes docker-cli is installed):
# $ export DOCKER_HOST=$(limactl list podman --format 'unix://{{.Dir}}/sock/podman.sock')
# $ docker ...
# This example requires Lima v0.8.0 or later
- location: ""
arch: "x86_64"
digest: "sha256:c23f58f26f73fb9ae92bfb4cf881993c23fdce1bbcfd2881a5831f90373ce0c8"
- location: ""
arch: "aarch64"
digest: "sha256:f13cfa7b5e449cc165181a1efbea5b1cdce73ef6a5d6bb24c22b50f67f1f8fe2"
- location: "~"
- location: "/tmp/lima"
writable: true
legacyBIOS: true
system: false
user: false
- mode: system
script: |
set -eux -o pipefail
command -v podman >/dev/null 2>&1 && exit 0
dnf install -y podman
mkdir -p /etc/systemd/system/podman.socket.d
echo -e "[Socket]\nSocketUser=$LIMA_CIDATA_UID" > /etc/systemd/system/podman.socket.d/socketuser.conf
systemctl daemon-reload
systemctl enable --now podman.socket
- script: |
set -eux -o pipefail
if ! timeout 30s bash -c "until command -v podman >/dev/null 2>&1; do sleep 3; done"; then
echo >&2 "podman is not installed yet"
exit 1
hint: See "/var/log/cloud-init-output.log". in the guest
- guestSocket: "/run/podman/podman.sock"
hostSocket: "{{.Dir}}/sock/podman.sock"
message: |
To run `podman` on the host (assumes podman-remote is installed):
$ export CONTAINER_HOST=unix://{{.Dir}}/sock/podman.sock
$ podman{{if eq .HostOS "linux"}} --remote{{end}} ...
To permanently configure the podman backend:
$ podman-remote system connection add --default lima unix://{{.Dir}}/sock/podman.sock
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment