I use Proxmox as my homelab hypervisor, and I prefer LXC over VMs and Podman over Docker. For the LXC OS I tested several distributions, but Arch Linux gives us the latest Podman version to work with. This post walks through setting up Podman with overlay storage in an Arch Linux LXC.

Create the Arch Linux LXC

Creating an Arch Linux LXC is straightforward: follow the usual Proxmox steps and enable the fuse, keyctl and nesting options.

Below are my settings for this Arch Linux LXC:

arch: amd64
cores: 2
features: fuse=1,keyctl=1,nesting=1
hostname: arch
memory: 2048
net0: name=eth0,bridge=vmbr1,hwaddr=B2:6E:DA:40:17:DE,ip=dhcp,ip6=dhcp,type=veth
ostype: archlinux
rootfs: epool:basevol-104-disk-0,size=4G
swap: 0
tags: archlinux;lxc;podman
template: 1
unprivileged: 1

Load overlay kernel module in Proxmox

I am using the latest Proxmox version: pve-manager/8.0.4/d258a813cfa6b390 (running kernel: 6.2.16-15-pve) with ZFS storage.
To load the overlay kernel module:

modprobe overlay

Prepare the Arch Linux LXC

1) Upgrade to the latest version

pacman-key --populate archlinux
pacman -Syu

2) Install the needed packages

pacman -S fuse-overlayfs podman podman-compose slirp4netns aardvark-dns

where:

  • fuse-overlayfs is needed for overlay storage to work through FUSE
  • podman and podman-compose are the main Podman binaries
  • slirp4netns and aardvark-dns provide Podman network support

Then enjoy the result:

podman info
host:
  arch: amd64
  buildahVersion: 1.32.0
  cgroupControllers:
  - cpu
  - memory
  - pids
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:
    package: /usr/bin/conmon is owned by conmon 1:2.1.8-1
    path: /usr/bin/conmon
    version: 'conmon version 2.1.8, commit: 00e08f4a9ca5420de733bf542b930ad58e1a7e7d'
  cpuUtilization:
    idlePercent: 98.78
    systemPercent: 0.46
    userPercent: 0.76
  cpus: 2
  databaseBackend: boltdb
  distribution:
    distribution: arch
    version: unknown
  eventLogger: journald
  freeLocks: 2047
  hostname: plex
  idMappings:
    gidmap: null
    uidmap: null
  kernel: 6.2.16-15-pve
  linkmode: dynamic
  logDriver: journald
  memFree: 1916936192
  memTotal: 2147483648
  networkBackend: netavark
  networkBackendInfo:
    backend: netavark
    dns:
      package: /usr/lib/podman/aardvark-dns is owned by aardvark-dns 1.8.0-1
      path: /usr/lib/podman/aardvark-dns
      version: aardvark-dns 1.8.0
    package: /usr/lib/podman/netavark is owned by netavark 1.8.0-1
    path: /usr/lib/podman/netavark
    version: netavark 1.8.0
  ociRuntime:
    name: crun
    package: /usr/bin/crun is owned by crun 1.9.2-1
    path: /usr/bin/crun
    version: |-
      crun version 1.9.2
      commit: 35274d346d2e9ffeacb22cc11590b0266a23d634
      rundir: /run/user/0/crun
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +YAJL
  os: linux
  pasta:
    executable: ""
    package: ""
    version: ""
  remoteSocket:
    exists: false
    path: /run/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: false
    seccompEnabled: true
    seccompProfilePath: /etc/containers/seccomp.json
    selinuxEnabled: false
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: /usr/bin/slirp4netns is owned by slirp4netns 1.2.2-1
    version: |-
      slirp4netns version 1.2.2
      commit: 0ee2d87523e906518d34a6b423271e4826f71faf
      libslirp: 4.7.0
      SLIRP_CONFIG_VERSION_MAX: 4
      libseccomp: 2.5.4
  swapFree: 0
  swapTotal: 0
  uptime: 0h 13m 27.00s
plugins:
  authorization: null
  log:
  - k8s-file
  - none
  - passthrough
  - journald
  network:
  - bridge
  - macvlan
  - ipvlan
  volume:
  - local
registries: {}
store:
  configFile: /etc/containers/storage.conf
  containerStore:
    number: 1
    paused: 0
    running: 0
    stopped: 1
  graphDriverName: overlay
  graphOptions:
    overlay.mountopt: nodev
  graphRoot: /var/lib/containers/storage
  graphRootAllocated: 4294967296
  graphRootUsed: 922484736
  graphStatus:
    Backing Filesystem: zfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Supports shifting: "true"
    Supports volatile: "true"
    Using metacopy: "false"
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 1
  runRoot: /run/containers/storage
  transientStore: false
  volumePath: /var/lib/containers/storage/volumes
version:
  APIVersion: 4.7.1
  Built: 1696583554
  BuiltTime: Fri Oct  6 09:12:34 2023
  GitCommit: ef83eeb9c7482826672f3efa12db3d61c88df6c4-dirty
  GoVersion: go1.21.1
  Os: linux
  OsArch: linux/amd64
  Version: 4.7.1
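
A post-setup check for the configuration above, added here as an example and not part of the original post: it confirms that the container config enables fuse, keyctl and nesting while staying unprivileged, and that `podman info` reports the overlay graph driver with seccomp enabled. The function names are hypothetical and the sample inputs are constructed from the values shown in this post.

```shell
#!/bin/sh
# Added example: post-setup checks for the Podman-in-LXC configuration above.

# Reads a Proxmox LXC config on stdin; fails unless fuse, keyctl and nesting
# are enabled and the container is unprivileged.
check_lxc_conf() {
    conf=$(cat); rc=0
    features=$(printf '%s\n' "$conf" | sed -n 's/^features:[[:space:]]*//p')
    for f in fuse keyctl nesting; do
        case ",$features," in
            *",$f=1,"*) ;;
            *) echo "missing feature: $f=1"; rc=1 ;;
        esac
    done
    printf '%s\n' "$conf" | grep -Eq '^unprivileged:[[:space:]]*1[[:space:]]*$' ||
        { echo "container is not unprivileged"; rc=1; }
    return "$rc"
}

# Prints the first scalar value of key $1 from `podman info` YAML on stdin.
podman_info_field() {
    sed -n "/^[[:space:]]*$1:/{s/^[[:space:]]*$1:[[:space:]]*//p;q;}"
}

# Reads `podman info` output on stdin; fails unless the overlay graph driver
# is active and seccomp filtering is enabled.
check_podman_info() {
    info=$(cat); rc=0
    driver=$(printf '%s\n' "$info" | podman_info_field graphDriverName)
    seccomp=$(printf '%s\n' "$info" | podman_info_field seccompEnabled)
    [ "$driver" = overlay ] || { echo "graph driver is '$driver', not overlay"; rc=1; }
    [ "$seccomp" = true ] || { echo "seccomp is not enabled"; rc=1; }
    return "$rc"
}

# Sample inputs constructed from the values shown in this post.
SAMPLE_CONF='features: fuse=1,keyctl=1,nesting=1
unprivileged: 1'
SAMPLE_INFO='  security:
    rootless: false
    seccompEnabled: true
store:
  graphDriverName: overlay'

printf '%s\n' "$SAMPLE_CONF" | check_lxc_conf && echo "lxc config: ok"
printf '%s\n' "$SAMPLE_INFO" | check_podman_info && echo "podman info: ok"
```

On the Proxmox host, pipe the output of `pct config <vmid>` into `check_lxc_conf`; inside the container, pipe `podman info` into `check_podman_info`.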