Last active
May 2, 2024 13:07
-
-
Save iversond/6bad85b2b3f91056f2402484e2f517c3 to your computer and use it in GitHub Desktop.
Prepare a host server to run PeopleSoft Containers with Podman
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Configure current user for rootless containers | |
| echo "${USER}:231072:65536" | sudo tee -a "/etc/subuid" | |
| echo "${USER}:231072:65536" | sudo tee -a "/etc/subgid" | |
| /bin/systemctl --user daemon-reload | |
| podman system migrate | |
| # Configure container.conf | |
| sudo cp "/usr/share/containers/containers.conf" "/etc/containers" | |
| sudo sed -i 's/network_backend = "cni"/network_backend = "netavark"/g' "/etc/containers/containers.conf" | |
| sudo sed -i 's/#stop_timeout = 10/stop_timeout = 90/g' "/etc/containers/containers.conf" | |
| # Configure storage.conf | |
| sudo sed -i 's|# rootless_storage_path = "$HOME/.local/share/containers/storage"|rootless_storage_path = "/scratch/podmanstorage/share/containers/storage"|g' "/etc/containers/storage.conf" | |
| sudo mkdir -p "/scratch/podmanstorage/share/containers/storage" | |
| sudo chmod 777 "/scratch" | |
| sudo chmod 777 -R "/scratch/podmanstorage" | |
| # Setup Podman TMPDIR | |
| sudo mkdir -p "/scratch/tmp" | |
| sudo chmod -R 777 "/scratch/tmp" | |
| # Allow contianers to run in background | |
| sudo loginctl enable-linger "$(whoami)" | |
| sudo touch "/etc/containers/nodocker" | |
| # Set .bashrc for current user | |
| tee -a ~/.bash_profile <<EOF | |
| export BUILDAH_FORMAT=docker | |
| export BUILDAH_ISOLATION=chroot | |
| export TMPDIR=/scratch/tmp | |
| EOF | |
| source ~/.bash_profile | |
| # Configure host for Opensearch | |
| sudo tee -a "/etc/sysctl.conf" <<EOF | |
| # sysctl setting for Peopletools | |
| kernel.msgmnb = 65538 | |
| kernel.msgmni = 1024 | |
| kernel.msgmax = 65536 | |
| kernel.shmmax = 68719476736 | |
| kernel.shmall = 4294967296 | |
| kernel.core_uses_pid = 1 | |
| net.ipv4.tcp_keepalive_time = 90 | |
| net.ipv4.tcp_timestamps = 1 | |
| net.ipv4.tcp_window_scaling = 1 | |
| net.ipv4.ip_local_port_range = 10000 65500 | |
| # sysctl setting for Peopletools search | |
| vm.max_map_count=262144 | |
| net.core.somaxconn=1024 | |
| net.ipv4.ip_unprivileged_port_start = 80 | |
| EOF | |
| sudo /sbin/sysctl -p | |
| sudo tee -a "/etc/security/limits.conf" <<EOF | |
| ${USER} soft nofile 65536 | |
| ${USER} hard nofile 65536 | |
| ${USER} soft nproc 131072 | |
| ${USER} hard nproc 131072 | |
| ${USER} soft core unlimited | |
| ${USER} hard core unlimited | |
| ${USER} soft memlock 500000 | |
| ${USER} hard memlock 500000 | |
| EOF |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment