Podman: How to use "additionalimagestores" in storage.conf ?

Created on 29 May 2020  路  12Comments  路  Source: containers/podman

I would like to setup a readonly shared image storage that multiple podman can use it. How can I pull the images to the readonly storage?

I have this line in my storage.conf
additionalimagestores = ['/storage']

Now, the question is how should I instruct the podman pull command to store the image in the "/storage" directory which I want to use as a shared readonly storage?

Thanks

picture ziXet

All 12 comments

@rhatdan and @baude are the experts here, so I'll tag them to answer

mheon picture mheon on 29 May 2020
👍1

You can do what this with.

# podman --root /usr/share/mycontainers pull alpine
Trying to pull registry.fedoraproject.org/alpine...
  manifest unknown: manifest unknown
Trying to pull registry.access.redhat.com/alpine...
  name unknown: Repo not found
Trying to pull registry.centos.org/alpine...
  manifest unknown: manifest unknown
Trying to pull docker.io/library/alpine...
Getting image source signatures
Copying blob cbdbe7a5bc2a done  
Copying config f70734b6a2 done  
Writing manifest to image destination
Storing signatures
f70734b6a266dcb5f44c383274821207885b549b75c8e119404917a61335981a
# podman --root /usr/share/mycontainers images
REPOSITORY                 TAG      IMAGE ID       CREATED       SIZE
docker.io/library/alpine   latest   f70734b6a266   5 weeks ago   5.88 MB

Now I can launch a container like the buildah container, which is configured for additional stores, and use the image

# podman run -v /usr/share/mycontainers:/var/lib/shared:ro quay.io/buildah/stable buildah images
Trying to pull quay.io/buildah/stable...
Getting image source signatures
Copying blob f85e6dec1a0b done  
Copying blob 98d006c204b6 done  
Copying blob 177f1feb6e39 done  
Copying blob 03c837e31708 done  
Copying blob 2d8f327dcfdd done  
Copying config e03a232aae done  
Writing manifest to image destination
Storing signatures
REPOSITORY                 TAG      IMAGE ID       CREATED       SIZE      R/O
docker.io/library/alpine   latest   f70734b6a266   5 weeks ago   5.88 MB   true

Note you can not share this image with rootless Podman. The issue is the User Namespaces have to match. Each rootless user of Podman runs containers in a different user namespace and this namespace is different then the root.

rhatdan picture rhatdan on 29 May 2020
👍1

Thank @rhatdan for the response. I got the first one working which is pulling images to an external storage. However, I did not quite get the "-v /usr/share/mycontainers:/var/lib/shared:ro" part. Would you please explain this a bit more? Why you didn't add "/usr/share/mycontainers" to the additionalimagestores=[] config ?
Please also let me know which podman version are you using.

Thanks again!

ziXet picture ziXet on 29 May 2020

I am writing a full blog on this issue. I will publish it soon.

rhatdan picture rhatdan on 29 May 2020
👍1

Send me an Email, and will send you a copy. [email protected]

rhatdan picture rhatdan on 29 May 2020
👍1

Send me an Email, and will send you a copy. [email protected]
sent! Thanks

ziXet picture ziXet on 29 May 2020

@ziXet Was the blog enough, even though it has not been published yet. Should be out later this month.

rhatdan picture rhatdan on 9 Jun 2020

I would like to read it as well!

siscia picture siscia on 2 Jul 2020

It will be published on Monday.

rhatdan picture rhatdan on 2 Jul 2020
1

Can you please point out to the blog post also for future references.

siscia picture siscia on 8 Jul 2020

https://www.redhat.com/sysadmin/image-stores-podman

rhatdan picture rhatdan on 8 Jul 2020

With Dan's blog being published, I think we can close the issue.

vrothberg picture vrothberg on 8 Jul 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

evelineraine picture evelineraine  路  3Comments
NooneXe picture NooneXe  路  3Comments
hong-duc picture hong-duc  路  3Comments
junjieyuan picture junjieyuan  路  4Comments
juansuerogit picture juansuerogit  路  5Comments