Installing Podman

To use Podman as your management tool for the IBM Z® Resource Discovery Data Service software containers, complete this procedure to configure the Podman distribution provided with your Linux operating system.

Before you begin

  • Podman 4 or later must be installed and configured.
  • Either Aardvark or CNI (Container Network Interface) must be installed and configured as the networking backend for Podman.
  • A working DNS implementation must be available for the Podman networking backend.
    • If you use Aardvark, a DNS implementation is provided by default.
    • If you use CNI, the following additional components must be installed:
        • dnsmasq (available from your Linux® distribution repository)
        • dnsname (CNI plug-in provided with the Z Operational Analytics common components package in the prereqs subdirectory)

Procedure

  1. To determine which networking backend is in use in the Podman installation, run the following command: 
    podman info | grep networkBackend

    If the backend is netavark, no further prerequisites are required.

  2. If the backend is cni, determine whether the dnsname plug-in is installed.
    If the plug-in is installed, it is in the CNI installation directory, which is typically /usr/libexec/cni/.
    If the dnsname binary is present and executable, you are done. You can validate dnsname by running /usr/libexec/cni/dnsname --help. The output should contain a short description and a version of the component similar to the following:
    CNI dnsname plugin
version: 1.4.0-dev
commit: unknown
CNI protocol versions supported: 0.1.0, 0.2.0, 0.3.0, 0.3.1, 0.4.0, 1.0.0
  3. If the dnsname binary is not yet installed, complete the following steps:
    1. Ensure that the dnsmasq component is installed.
      For example, on an RHEL system, run the following command:
      rpm -qa | grep dnsmasq
      If dnsmasq is installed, information that is similar to the following output is shown: 
      dnsmasq-2.79-26.el8.s390x

      Empty output indicates that dnsmasq is not yet installed.

    2. If dnsmasq is not yet installed, install it from your Linux® distribution repository.
      For example, on an RHEL system, run the following command:
      sudo yum install dnsmasq
    3. From the <common_setup_directory>/prereqs directory, copy the dnsname package that is appropriate for your system hardware architecture into the following directory: 
      /usr/libexec/cni/
      For example, on a zLinux (s390x architecture) system, run the following command:
      sudo cp <common_setup_directory>/prereqs/dnsname.s390x /usr/libexec/cni/dnsname
  4. Also, complete the following prerequisite configuration as appropriate for your environment.
    1. If AppArmor is in use in your Linux environment, append the following rules to the AppArmor profile file for dnsmasq to permit proper function of dnsmasq.
      The AppArmor profile file is /etc/apparmor.d/local/usr.sbin.dnsmasq.
      Rules to append to the AppArmor profile file
      
# required by the dnsname plugin in podman
/run/containers/cni/dnsname/*/dnsmasq.conf r,
/run/containers/cni/dnsname/*/addnhosts r,
/run/containers/cni/dnsname/*/pidfile rw,
    2. Reload the AppArmor profile file for dnsmasq by running the following command: 
      sudo apparmor_parser -r /etc/apparmor.d/usr.sbin.dnsmasq