Add feature to use binary version of crun
This is to work around issues in the package shipped by the OS[1].

[1] containers/crun#1308

Closes-Bug: #2056210
Change-Id: I16f83d7e9cc127ce6997a85097d1517ce54fbefc
jovial committed Mar 6, 2024
1 parent 70f3a39 commit fc71a46
Showing 3 changed files with 45 additions and 0 deletions.
3 changes: 3 additions & 0 deletions roles/podman/defaults/main.yml
Expand Up @@ -6,6 +6,9 @@ apt_cache_valid_time: 3600
podman_packages:
- "podman"

podman_enable_binary_crun: "{{ ansible_facts.distribution == 'Ubuntu' and ansible_facts.distribution_version == '22.04' }}"
podman_binary_crun_url: "https://github.com/containers/crun/releases/download/1.14.4/crun-1.14.4-linux-amd64"

# Podman config variables
podman_storage_driver:
podman_runtime_directory:
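Review bot: `podman_binary_crun_url` pins a release version but nothing pins the content of the download: there is no checksum variable beside it, and the `get_url` task in roles/podman/tasks/install.yml passes none, so whatever the URL serves is installed as the container runtime. Add a default such as `podman_binary_crun_checksum: "sha256:<digest of the pinned release asset>"` and pass it to the task as `checksum: "{{ podman_binary_crun_checksum }}"`. With a checksum, `get_url` also replaces an existing /opt/bin/crun when the pinned version changes, which it does not do otherwise because the destination already exists. Separately, the URL is amd64-only while `podman_enable_binary_crun` checks only distribution and version, so the default should probably also require `ansible_facts.architecture == 'x86_64'`.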
21 changes: 21 additions & 0 deletions roles/podman/tasks/config.yml
Expand Up @@ -75,3 +75,24 @@
when:
- podman_registry is not none
- podman_registry_ca is not none

- name: Template containers.conf to use crun binary
# NOTE(wszumski): Workaround for known issue with crun when running via systemd, see:
# https://github.com/containers/crun/issues/1308
vars:
runtime: |-
[engine.runtimes]
crun = ["/opt/bin/crun"]
copy:
dest: /etc/containers/containers.conf.d/runtime.conf
content: "{{ runtime }}"
mode: '0644'
become: true
when: podman_enable_binary_crun | bool

- name: Ensure containters.conf crun customisation is removed
file:
path: /etc/containers/containers.conf.d/runtime.conf
state: absent
become: true
when: not podman_enable_binary_crun | bool
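Review bot: The new `copy` task writes into /etc/containers/containers.conf.d without ensuring that directory exists; `copy` does not create missing parent directories, so unless the package or an earlier task outside this hunk creates it, the task fails on a fresh host. A preceding `file` task with `state: directory` and `mode: '0755'` would make that explicit. The runtime path `/opt/bin/crun` is a literal here and again as `dest` in roles/podman/tasks/install.yml, so the two can drift apart; a single role variable would keep them aligned. The second task's name also misspells the file as `containters.conf`.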
21 changes: 21 additions & 0 deletions roles/podman/tasks/install.yml
Expand Up @@ -18,6 +18,27 @@
become: True
register: podman_install_result

- block:
- name: Ensure /opt/bin exists
file:
path: /opt/bin
state: directory
owner: root
group: root
mode: 0777
become: true

- name: Download crun binary
# NOTE(wszumski): Workaround for known issue with crun when running via systemd, see:
# https://github.com/containers/crun/issues/1308
ansible.builtin.get_url:
url: "{{ podman_binary_crun_url }}"
dest: /opt/bin/crun
mode: '0755'
become: true

when: podman_enable_binary_crun | bool

# If any packages were updated, and any containers were running, wait for the
# daemon to come up and start all previously running containers.
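Review bot: `mode: 0777` on /opt/bin makes the directory world-writable with no sticky bit, so any local account can rename or replace /opt/bin/crun, the binary that the runtime.conf drop-in tells podman to execute; where podman runs as root, that is a local privilege-escalation path. The directory should be `mode: '0755'`, quoted like the `'0755'` and `'0644'` modes used elsewhere in this commit. Note that the task also resets the mode of an already existing /opt/bin, so hosts where this role has run need the corrected mode applied, not just new installs. The `block` has no `name`, which makes its output harder to follow in a play log.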
