Skip to content

Instantly share code, notes, and snippets.

@rfairley

rfairley/silverblue-nits-when-setting-up-podman-container-vagrant-vm-workflow.md

Last active May 12, 2019 04:51
Show Gist options
  • Save rfairley/2fa1460a1c30da650b5bbc360f6c6565 to your computer and use it in GitHub Desktop.
Save rfairley/2fa1460a1c30da650b5bbc360f6c6565 to your computer and use it in GitHub Desktop.
Download ZIP
Silverblue - Nits When Setting Up Podman Container + Vagrant VM Workflow
Raw
silverblue-nits-when-setting-up-podman-container-vagrant-vm-workflow.md

Silverblue - Nits When Setting Up Podman Container + Vagrant VM Workflow

This collects some of the reference information I used when setting up my development workflow on Silverblue, and some nits along the way I encountered.

Mostly this applies for a workflow like https://github.com/projectatomic/rpm-ostree/tree/master/vagrant.

After installing vagrant-libvirt (e.g. after rpm-ostree install vagrant-libvirt and rebooting), you may need to do the following, otherwise vagrant can hit permission errors:

sudo restorecon -vR /etc/libvirt`

(note: use sudo restorecon -nvR /etc/libvirt to see what files would be changed, without changing them).

(see https://bugzilla.redhat.com/show_bug.cgi?id=1631033#c4).

If you are using a Fedora 30 container, and you mount directories from under the home directory on your host (i.e. ~), then you should manually create the symlink /home -> /var/home inside the container. This is needed because ostree-managed systems like Silverblue have this symlink in place already, but the general Fedora 30 build container does not. This can lead to "not found" errors inside the build container, even when it looks like the file was mounted into the container.

ln -s /home /var/home

For rpm-ostree in particular, the mount path from the host into the container must be the same in order for make vmsync to work (see podman run command at https://github.com/projectatomic/rpm-ostree/tree/master/vagrant#developing-using-docker--vagrant).

Also run rpm-ostree install ansible for provisioning Vagrant VMs using ansible.

rpm-ostree install virsh is handy for interacting with domains vagrant creates, in cases where vagrant destroy fails to clean up the VM. You can do virsh destroy <vm name> && virsh undefine <vm name>.

Make sure polkit is configured on your host (or add your user to the libvirt group) to avoid typing in a password on every vagrant command: coreos/rpm-ostree#49 (comment)

Things generally work best running podman containers as root (e.g. sudo podman run) as rootless podman has some limitations: https://github.com/containers/libpod/blob/master/rootless.md#shortcomings-of-rootless-podman However, try rootless podman whenever you can!

Finally workarounds for some common problems when running vagrant in general requiring manual fixes: vagrant-libvirt/vagrant-libvirt#658 (comment)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment