From 90216f7d214fb9e7080baa6de81d8a4335e5b86e Mon Sep 17 00:00:00 2001 From: Fabien Dupont Date: Thu, 22 Aug 2024 03:33:57 -0400 Subject: [PATCH] Share the additional container storage We need to share container image storage between rootless users, so that we don't need `sudo` and we don't duplicate the `instructlab` image. This change follows the Red Hat solution to [create additional image store for rootless users](https://access.redhat.com/solutions/6206192). The `/usr/lib/containers/storage` folder can be read by anyone and new users will inherit a default configuration via `/etc/skel` that configures the additional storage. Signed-off-by: Fabien Dupont --- training/nvidia-bootc/Containerfile | 5 ++++- training/nvidia-bootc/containers-storage.conf | 13 +++++++++++++ 2 files changed, 17 insertions(+), 1 deletion(-) create mode 100644 training/nvidia-bootc/containers-storage.conf diff --git a/training/nvidia-bootc/Containerfile b/training/nvidia-bootc/Containerfile index 64a18716..c3c0da95 100644 --- a/training/nvidia-bootc/Containerfile +++ b/training/nvidia-bootc/Containerfile @@ -190,7 +190,10 @@ RUN --mount=type=secret,id=${INSTRUCTLAB_IMAGE_PULL_SECRET}/.dockerconfigjson \ IID=$(sudo podman --root /usr/lib/containers/storage pull --authfile /run/secrets/${INSTRUCTLAB_IMAGE_PULL_SECRET}/.dockerconfigjson ${INSTRUCTLAB_IMAGE}); \ else \ IID=$(sudo podman --root /usr/lib/containers/storage pull ${INSTRUCTLAB_IMAGE}); \ - fi + fi && \ + chmod -R a+rX /usr/lib/containers/storage + +COPY containers-storage.conf /etc/skel/.config/containers/storage.conf RUN podman system reset --force 2>/dev/null diff --git a/training/nvidia-bootc/containers-storage.conf b/training/nvidia-bootc/containers-storage.conf new file mode 100644 index 00000000..36f6e555 --- /dev/null +++ b/training/nvidia-bootc/containers-storage.conf @@ -0,0 +1,13 @@ +[storage] + driver = "overlay" +[storage.options] + size = "" + remap-uids = "" + remap-gids = "" + ignore_chown_errors = "" + remap-user = "" + remap-group = "" + skip_mount_home = "" + mount_program = "/usr/bin/fuse-overlayfs" + mountopt = "" +additionalimagestores = [ "/usr/lib/containers/storage",]