podman: Cannot install podman on Amazon Linux 2

For rootless podman these steps should work. let me know if you run into any issues.

sudo amazon-linux-extras disable docker
sudo amazon-linux-extras install -y kernel-ng

sudo yum check-update
sudo yum install -y yum-utils yum-plugin-copr

sudo cat <<EOF > /etc/yum.repos.d/devel\:kubic\:libcontainers\:stable.repo
[devel_kubic_libcontainers_stable]
name=Stable Releases of Upstream github.com/containers packages (CentOS_7)
type=rpm-md
baseurl=https://provo-mirror.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/CentOS_7/
gpgcheck=0
gpgkey=https://provo-mirror.opensuse.org/devel:/kubic:/libcontainers:/stable/CentOS_7/repodata/repomd.xml.key
enabled=1
EOF

sudo yum copr enable -y lsm5/container-selinux

sudo yum check-update
sudo yum install -y podman slirp4netns

test ! -f /etc/containers/seccomp.json && \
  sudo wget https://raw.githubusercontent.com/docker/labs/master/security/seccomp/seccomp-profiles/default.json -O /etc/containers/seccomp.json

sudo grubby --update-kernel=ALL \
   --args="systemd.unified_cgroup_hierarchy=1 namespace.unpriv_enable=1 user_namespace.enable=1"

echo "user.max_user_namespaces=10000" | sudo tee /etc/sysctl.d/98-userns.conf

echo "$(id -un):100000:65536" | sudo tee -a /etc/subuid
echo "$(id -un):100000:65536" | sudo tee -a /etc/subgid

sudo yum install -y git-core autoconf gettext-devel automake libtool libxslt byacc libsemanage-devel

mkdir -pv ~/src && cd ~/src
git clone https://github.com/shadow-maint/shadow shadow-utils
cd shadow-utils
./autogen.sh --prefix=/usr/local
make -j $(nproc)

sudo cp src/newgidmap src/newuidmap /usr/local/bin/

sudo setcap cap_setuid+ep /usr/local/bin/newuidmap
sudo setcap cap_setgid+ep /usr/local/bin/newgidmap

sudo systemctl reboot
podman system migrate
podman version
podman run --rm -it hello-world:latest

There should be a podman 1.6.6 version of podman on RHEL7, Centos7 and Amazone Linux 7 then correct?

Default CentOS 7 Extras will have everything from RHEL 7 Extras. But Amazon Linux Extras is not the same. AFAIK, there’s no default podman build available on Amazon Linux. So, you either gotta build your own or use the one from the Kubic repos (Known to work) or CentOS Extras repo (not sure if this one works).

Amazon Extras: https://aws.amazon.com/premiumsupport/knowledge-center/ec2-install-extras-library-software/

In the meantime, I’ve simplified the process of developing an install script for the installer by directly using a docker image. The environment is not a VM but is the same you would get in an EC2 instance:

$ docker run --rm -it amazonlinux

Then I used the following install script which installs podman in the amazonlinux docker.

The next step will be to try it out on an EC2.

#!/bin/bash

cat <<EOF >/tmp/base
[base]
name=CentOS 7 Base Packages
baseurl=http://mirror.centos.org/centos/7/os/x86_64/
enabled=1
gpgcheck=0
EOF

sudo mv /tmp/base /etc/yum.repos.d/centos-base.repo

cat <<EOF >/tmp/extras
[extras]
name=CentOS 7 Extras Packages
baseurl=http://mirror.centos.org/centos/7/extras/x86_64/
mirrorlist=http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=extras
enabled=1
gpgcheck=0
EOF

sudo mv /tmp/extras /etc/yum.repos.d/centos-extras.repo

sudo mv /etc/yum.repos.d/amzn2-core.repo  /tmp
sudo yum update
sudo yum install \
        buildah \
        podman

sudo mv /tmp/amzn2-core.repo /etc/yum.repos.d/amzn2-core.repo

Ok hopefully @lsm5 can look at the docs, or figure out why the Amazon package is not available. But if you could open an issue with Amazon to ship Podman, that would be useful to us.