chore: add current provisioning state before migration

taskservs/podman/default/env-podman.j2

@@ -0,0 +1 @@
+PODMAN_VERSION="{{taskserv.version}}"

taskservs/podman/default/install-podman.sh

@@ -0,0 +1,52 @@
+#!/bin/bash
+# Info: Script to install podman
+# Author: JesusPerezLorenzo  
+# Release: 1.0 
+# Date: 12-11-2023
+
+USAGE="install-podman-os.sh "
+[ "$1" == "-h"  ] && echo "$USAGE"  && exit 1
+#ORG=$(pwd)
+_update_podman() {
+    local has_podman
+    local curr_version
+    has_podman=$(type podman 2>/dev/null)
+    if [ -n "$has_podman" ] ; then 
+      curr_version=$(podman version | grep "^Version" | cut -f2 -d":" | sed "s/ //g")
+    fi
+    [ "$PODMAN_VERSION" == "$curr_version" ] && return 
+    echo 'debconf debconf/frontend select Noninteractive' | sudo debconf-set-selections
+    DEBIAN_FRONTEND=noninteractive sudo apt-get update
+    DEBIAN_FRONTEND=noninteractive sudo apt-get upgrade -y
+    DEBIAN_FRONTEND=noninteractive sudo apt-get -y -qq install python3 python3-pip 
+    DEBIAN_FRONTEND=noninteractive sudo apt-get -y -qq install podman  podman-compose
+
+    DEBIAN_FRONTEND=noninteractive sudo apt autoremove -y
+}
+
+_config_sysctl() {
+  sudo sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/' /etc/sysctl.conf
+  has_nolocal_bint=$(sudo grep "net.ipv4.ip_nonlocal_bind = 1" /etc/sysctl.conf)
+  if [ -z "$has_nolocal_bind" ] ; then
+    echo "net.ipv4.ip_nonlocal_bind = 1" | sudo tee -a /etc/sysctl.conf >>$cmd_out
+    echo "net.ipv4.ip_unprivileged_port_start=25" | sudo tee -a /etc/sysctl.conf >>$cmd_out
+    #echo "net.bridge.bridge-nf-call-iptables=1" | sudo tee -a /etc/sysctl.conf
+    sudo modprobe br_netfilter
+    echo 1 | sudo tee -a /proc/sys/net/bridge/bridge-nf-call-iptables >>$cmd_out
+  fi
+  sudo sysctl -p >>$cmd_out
+  return 0
+}
+
+_config_podman() {
+  if [ -r "libpod.conf" ] && [ -d "/etc/containers" ] ; then
+    sudo cp libpod.conf /etc/containers
+  fi
+  _config_sysctl
+}
+
+[ -r "./env-podman"  ] && . ./env-podman
+
+# Update and add packages to installation
+[ -z "$1" ] || [ "$1" == "podman" ] && _update_podman
+_config_podman

taskservs/podman/default/libpod.conf.j2

@@ -0,0 +1,176 @@
+# libpod.conf(5) is the default configuration file for all tools using
+# libpod to manage containers
+
+# Default transport method for pulling and pushing for images
+image_default_transport = "docker://"
+
+# Paths to look for the conmon container manager binary.
+# If the paths are empty or no valid path was found, then the `$PATH`
+# environment variable will be used as the fallback.
+conmon_path = [
+    "/usr/bin/conmon",
+    "/usr/sbin/conmon",
+    "/usr/libexec/podman/conmon",
+    "/usr/local/libexec/crio/conmon",
+    "/usr/lib/podman/bin/conmon",
+    "/usr/libexec/crio/conmon",
+    "/usr/lib/crio/bin/conmon"
+]
+
+# Environment variables to pass into conmon
+conmon_env_vars = [
+    "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+]
+
+# CGroup Manager - valid values are "systemd" and "cgroupfs"
+cgroup_manager = "systemd"
+
+# Container init binary
+#init_path = "/usr/bin/tini"
+#init_path = "/usr/bin/tini-static"
+#init_path = "/usr/bin/dumb-init"
+#init_path = "/usr/bin/catatonit"
+
+
+# Directory for persistent libpod files (database, etc)
+# By default, this will be configured relative to where containers/storage
+# stores containers
+# Uncomment to change location from this default
+#static_dir = "/var/lib/containers/storage/libpod"
+
+# Directory for temporary files. Must be tmpfs (wiped after reboot)
+tmp_dir = "/var/run/libpod"
+
+# Maximum size of log files (in bytes)
+# -1 is unlimited
+max_log_size = -1
+
+# Whether to use chroot instead of pivot_root in the runtime
+no_pivot_root = false
+
+# Directory containing CNI plugin configuration files
+cni_config_dir = "/etc/cni/net.d/"
+
+# Directories where the CNI plugin binaries may be located
+cni_plugin_dir = [
+    "/usr/lib/cni",
+    "/usr/local/lib/cni",
+    "/opt/cni/bin"
+]
+
+# Default CNI network for libpod.
+# If multiple CNI network configs are present, libpod will use the network with
+# the name given here for containers unless explicitly overridden.
+# The default here is set to the name we set in the
+# 87-podman-bridge.conflist included in the repository.
+# Not setting this, or setting it to the empty string, will use normal CNI
+# precedence rules for selecting between multiple networks.
+cni_default_network = "podman"
+
+# Default libpod namespace
+# If libpod is joined to a namespace, it will see only containers and pods
+# that were created in the same namespace, and will create new containers and
+# pods in that namespace.
+# The default namespace is "", which corresponds to no namespace. When no
+# namespace is set, all containers and pods are visible.
+#namespace = ""
+
+# Default infra (pause) image name for pod infra containers
+infra_image = "k8s.gcr.io/pause:3.1"
+
+# Default command to run the infra container
+infra_command = "/pause"
+
+# Determines whether libpod will reserve ports on the host when they are
+# forwarded to containers. When enabled, when ports are forwarded to containers,
+# they are held open by conmon as long as the container is running, ensuring that
+# they cannot be reused by other programs on the host. However, this can cause
+# significant memory usage if a container has many ports forwarded to it.
+# Disabling this can save memory.
+#enable_port_reservation = true
+
+# Default libpod support for container labeling
+# label=true
+
+# The locking mechanism to use
+lock_type = "shm"
+
+# Number of locks available for containers and pods.
+# If this is changed, a lock renumber must be performed (e.g. with the
+# 'podman system renumber' command).
+num_locks = 2048
+
+# Directory for libpod named volumes.
+# By default, this will be configured relative to where containers/storage
+# stores containers.
+# Uncomment to change location from this default.
+#volume_path = "/var/lib/containers/storage/volumes"
+
+# Selects which logging mechanism to use for Podman events.  Valid values
+# are `journald` or `file`.
+# events_logger = "journald"
+
+# Specify the keys sequence used to detach a container.
+# Format is a single character [a-Z] or a comma separated sequence of
+# `ctrl-<value>`, where `<value>` is one of:
+# `a-z`, `@`, `^`, `[`, `\`, `]`, `^` or `_`
+#
+# detach_keys = "ctrl-p,ctrl-q"
+
+# Default OCI runtime
+{% if taskserv.default_runtime -%} 
+runtime = "{{taskserv.default_runtime}}"
+{% else -%} 
+runtime = "crun"
+{% endif -%} 
+
+{% if taskserv.runtimes is containing("crun") -%} 
+#runtime = "crun"
+{% endif -%} 
+{% if taskserv.runtimes is containing("runc") -%} 
+#runtime = "runc"
+{% endif -%} 
+{% if taskserv.runtimes is containing("youki") -%} 
+#runtime = "youki"
+{% endif -%} 
+
+# List of the OCI runtimes that support --format=json.  When json is supported
+# libpod will use it for reporting nicer errors.
+runtime_supports_json = ["crun", "runc"]
+
+# List of all the OCI runtimes that support --cgroup-manager=disable to disable
+# creation of CGroups for containers.
+runtime_supports_nocgroups = ["crun"]
+
+# Paths to look for a valid OCI runtime (runc, runv, etc)
+# If the paths are empty or no valid path was found, then the `$PATH`
+# environment variable will be used as the fallback.
+[runtimes]
+
+runc = [
+{% if taskserv.runtimes is containing("runc") -%} 
+    "/usr/local/bin/runc",
+{% else %} 
+    "/usr/sbin/runc",
+{% endif -%} 
+]
+
+crun = [
+{% if taskserv.runtimes is containing("crun") -%} 
+    "/usr/local/bin/crun",
+{% else %} 
+    "/usr/bin/crun",
+{% endif -%} 
+]
+
+{% if taskserv.runtimes is containing("youki") -%} 
+youki = [
+"/usr/local/bin/youki",
+]
+{% endif -%} 
+
+# The [runtimes] table MUST be the last thing in this file.
+# (Unless another table is added)
+# TOML does not provide a way to end a table other than a further table being
+# defined, so every key hereafter will be part of [runtimes] and not the main
+# config.