Puppet Class: podman

Defined in:
manifests/init.pp

Summary

Manage containers, pods, volumes, and images with podman without a docker daemon

Overview

Examples:

Basic usage

include podman

A rootless Jenkins deployment using hiera

podman::subid:
  jenkins:
    subuid: 2000000
    count: 65535
podman::volumes:
  jenkins:
    user: jenkins
podman::containers:
  jenkins:
    user: jenkins
    image: 'docker.io/jenkins/jenkins:lts'
    flags:
      label:
        - purpose=test
      publish:
        - '8080:8080'
        - '50000:50000'
      volume: 'jenkins:/var/jenkins_home'
    service_flags:
      timeout: '60'
    require:
      - Podman::Volume[jenkins]

Parameters:

  • podman_pkg (String) (defaults to: 'podman')

    The name of the podman package (default ‘podman’)

  • skopeo_pkg (String) (defaults to: 'skopeo')

    The name of the skopeo package (default ‘skopeo’)

  • buildah_pkg (String) (defaults to: 'buildah')

    The name of the buildah package (default ‘buildah’)

  • podman_docker_pkg (String) (defaults to: 'podman-docker')

    The name of the podman-docker package (default ‘podman-docker’).

  • compose_pkg (String) (defaults to: 'podman-compose')

    The name of the podman-compose package (default ‘podman-compose’).

  • machinectl_pkg (String) (defaults to: 'systemd-container')

    The name of the machinectl package (default ‘systemd-container’).

  • buildah_pkg_ensure (Enum['absent', 'installed']) (defaults to: 'absent')

    The ensure value for the buildah package (default ‘absent’)

  • podman_docker_pkg_ensure (Enum['absent', 'installed']) (defaults to: 'installed')

    The ensure value for the podman docker package (default ‘installed’)

  • compose_pkg_ensure (Enum['absent', 'installed']) (defaults to: 'absent')

    The ensure value for the podman-compose package (default ‘absent’)

  • machinectl_pkg_ensure (Enum['absent', 'installed']) (defaults to: 'installed')

    The ensure value for the machinectl package (default ‘installed’)

  • nodocker (Enum['absent', 'file']) (defaults to: 'absent')

    Should the module create the `/etc/containers/nodocker` file to quiet Docker CLI messages. Values should be either ‘file’ or ‘absent’. (default is ‘absent’)

  • storage_options (Hash) (defaults to: {})

    A hash containing any storage options you wish to set in /etc/containers/storage.conf

  • rootless_users (Array) (defaults to: [])

    An array of users to manage using [`podman::rootless`](#podmanrootless)

  • enable_api_socket (Boolean) (defaults to: false)

    The enable value of the API socket (default `false`)

  • manage_subuid (Boolean) (defaults to: false)

    Should the module manage the `/etc/subuid` and `/etc/subgid` files (default is false). The implementation uses [concat](forge.puppet.com/puppetlabs/concat) fragments to build out the subuid/subgid entries. If you have a large number of entries you may want to manage them with another method. You cannot use the `subuid` and `subgid` defined types unless this is `true`.

  • file_header (String) (defaults to: '# FILE MANAGED BY PUPPET')

    Optional header when `manage_subuid` is true. Ensure you include a leading `#`. Default file_header is `# FILE MANAGED BY PUPPET`

  • match_subuid_subgid (Boolean) (defaults to: true)

    Enable the `subid` parameter to manage both subuid and subgid entries with the same values. This setting requires `manage_subuid` to be `true` or it will have no effect. (default is true)

  • subid (Hash) (defaults to: {})

    A hash of users (or UIDs) with an assigned subordinate user ID number and a count. Implemented by using the `subuid` and `subgid` defined types with the same data. Hash key `subuid` is the subordinate UID, and `count` is the number of subordinate UIDs.

  • pods (Hash) (defaults to: {})

    A hash of pods to manage using [`podman::pod`](#podmanpod)

  • volumes (Hash) (defaults to: {})

    A hash of volumes to manage using [`podman::volume`](#podmanvolume)

  • images (Hash) (defaults to: {})

    A hash of images to manage using [`podman::image`](#podmanimage)

  • containers (Hash) (defaults to: {})

    A hash of containers to manage using [`podman::container`](#podmancontainer)

  • networks (Hash) (defaults to: {})

    A hash of networks to manage using [`podman::network`](#podmannetwork)
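
The `manage_subuid` and `subid` parameters above decide which subordinate ID ranges rootless users receive, and ranges that overlap let two users' containers map onto the same host IDs. The following Ruby check is an added example, not part of the module: it lints Hiera data before it is applied, and the sample data, the `subid_findings` name and the 100000 floor are assumptions.

```ruby
require 'yaml'

# Constructed Hiera data: gitlab's range starts inside jenkins' range.
SAMPLE_HIERA = <<~YAML
  podman::manage_subuid: true
  podman::subid:
    jenkins:
      subuid: 2000000
      count: 65535
    gitlab:
      subuid: 2065000
      count: 65535
YAML

MAX_ID = 4_294_967_294 # highest usable 32-bit ID; 4294967295 is reserved

# Returns a list of findings; min_start is an assumed local policy floor.
def subid_findings(hiera, min_start: 100_000)
  findings = []
  subid = hiera.fetch('podman::subid', {})
  if !subid.empty? && hiera['podman::manage_subuid'] != true
    findings << 'podman::manage_subuid is not true; subid entries need it'
  end

  ranges = []
  subid.each do |user, spec|
    first = Integer(spec['subuid'])
    count = Integer(spec['count'])
    last = first + count - 1
    next(findings << "#{user}: count must be at least 1") if count < 1
    findings << "#{user}: starts below #{min_start}" if first < min_start
    findings << "#{user}: ends above #{MAX_ID}" if last > MAX_ID
    ranges << [user.to_s, first, last]
  end

  # Sort by start and remember the range reaching furthest, so a wide range
  # is compared against every later one, not only its direct neighbour.
  widest = nil
  ranges.sort_by { |r| r[1] }.each do |user, first, last|
    if widest && first <= widest[2]
      findings << "#{user} overlaps #{widest[0]} at #{first}-#{[last, widest[2]].min}"
    end
    widest = [user, first, last] if widest.nil? || last > widest[2]
  end
  findings
end

puts subid_findings(YAML.safe_load(SAMPLE_HIERA)) if $PROGRAM_NAME == __FILE__
```

An empty result means every range is disjoint and inside the allowed window; run it against the merged Hiera data for a node, since ranges defined at different hierarchy levels can collide.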



# File 'manifests/init.pp', line 108

class podman (
  String $podman_pkg                                    = 'podman',
  String $skopeo_pkg                                    = 'skopeo',
  String $buildah_pkg                                   = 'buildah',
  String $podman_docker_pkg                             = 'podman-docker',
  String $compose_pkg                                   = 'podman-compose',
  String $machinectl_pkg                                = 'systemd-container',
  Enum['absent', 'installed'] $buildah_pkg_ensure       = 'absent',
  Enum['absent', 'installed'] $podman_docker_pkg_ensure = 'installed',
  Enum['absent', 'installed'] $compose_pkg_ensure       = 'absent',
  Enum['absent', 'installed'] $machinectl_pkg_ensure    = 'installed',
  Enum['absent', 'file'] $nodocker                      = 'absent',
  Hash $storage_options                                 = {},
  Array $rootless_users                                 = [],
  Boolean $enable_api_socket                            = false,
  Boolean $manage_subuid                                = false,
  Boolean $match_subuid_subgid                          = true,
  String $file_header                                   = '# FILE MANAGED BY PUPPET',
  Hash $subid                                           = {},
  Hash $pods                                            = {},
  Hash $volumes                                         = {},
  Hash $images                                          = {},
  Hash $containers                                      = {},
  Hash $networks                                        = {},
){
  include podman::install
  include podman::options
  include podman::service

  # Create resources from parameter hashes
  $pods.each |$name, $properties| { Resource['Podman::Pod'] { $name: * => $properties, } }
  $volumes.each |$name, $properties| { Resource['Podman::Volume'] { $name: * => $properties, } }
  $images.each |$name, $properties| { Resource['Podman::Image'] { $name: * => $properties, } }
  $containers.each |$name, $properties| { Resource['Podman::Container'] { $name: * => $properties, } }
  $networks.each |$name, $properties| { Resource['Podman::Network'] { $name: * => $properties, } }

  $rootless_users.each |$user| {
    unless defined(Podman::Rootless[$user]) {
      podman::rootless { $user: }
    }

    User <| title == $user |> -> Podman::Rootless <| title == $user |>
  }
}