Molecule: Buildah/Podman/CRI-O Virtualization Driver

Created on 8 Nov 2018  路  11Comments  路  Source: ansible-community/molecule

Issue Type

  • Feature request

Molecule and Ansible details

Ansible 2.7
Molecule 2.19

Molecule installation method (one of):

  • pip

Ansible installation method (one of):

  • OS package

Desired Behavior

Similar to how the docker driver is setup for creating the virtualized environment using containers, Buildah (or even possibly Podman) support could provide the same functionality without the need of root privileges or the docker daemon via the use of CRI-O.

$ molecule init role --role-name example --driver-name buildah

https://docs.ansible.com/ansible/2.7/plugins/connection/buildah.html

enhancement help wanted
Source
picture ekultails
👍4

All 11 comments

cc @TomasTomecek

webknjaz picture webknjaz on 8 Nov 2018

@ekultails seek for ideas @ https://github.com/TomasTomecek/ansible-bender :)

webknjaz picture webknjaz on 8 Nov 2018

Related: https://github.com/ansible/ansible/pull/47519

TomasTomecek picture TomasTomecek on 9 Nov 2018
👍1

Hello I am looking to work into this, is someone already doing it ?

qinqon picture qinqon on 14 Feb 2019

@qinqon probably not. Feel free to take a crack on it :)

webknjaz picture webknjaz on 16 Feb 2019

Anyone started working on this?

6sossomons picture 6sossomons on 5 Jun 2019

This would be highly appreciated!

S1SYPHOS picture S1SYPHOS on 10 Jun 2019

Based on some talks in the TripleO community, the CRI-O virtualization driver would actually probably use podman instead of buildah. Both utilize CRI-O instead of docker. The current road block is a wait on a few more Ansible modules to be finished/polished to better support management operations for podman containers.

ekultails picture ekultails on 10 Jun 2019

When implementing this we may want to consider a fallback mecanisms regarding which container virtualization engine to be used. It would be very useful to be able to tell molecule to "use podman if available but fallback to docker if not", especially as availability varies a lot across various platforms.

As far as I know, nobody is working in adding this now which means that we would welcome any help towards this direction.

ssbarnea picture ssbarnea on 11 Jun 2019

I created POC for podman support in #2098 and it even works: https://paste.fedoraproject.org/paste/xmcf-jA99t6alKQTQ2S49Q
This patch still requires polish like removing docker-leftovers.
Also you may have problem with ansible podman plugin connection, it may fail because of "permission denied" so you can use my patch to ansible to fix it: https://github.com/ansible/ansible/pull/57741
The question is - do we want to wait until ansible has podman fully supported, or at least the main functionality? Or it's fine to go with this POC path and then to change podman CLI commands step by step as they are introduced in ansible?
Please comment, thanks.

P.S. for using podman you need to specify 

driver:
  name: podman

in your molecule playbook.

sshnaidm picture sshnaidm on 12 Jun 2019
👍1

I tested the above change and seems to be working.

ssbarnea picture ssbarnea on 12 Jun 2019
Was this page helpful?
0 / 5 - 0 ratings

Related issues

r0ckyte picture r0ckyte  路  4Comments
beenje picture beenje  路  4Comments
brucellino picture brucellino  路  4Comments
r0ckyte picture r0ckyte  路  5Comments
asg1612 picture asg1612  路  4Comments