Chapter 18. Managing containers by using the podman RHEL system role
With the podman RHEL system role, you can manage Podman configuration, containers, and systemd services that run Podman containers.
18.1. Variables of the podman RHEL system role
The parameters used for the podman RHEL system role are the following:
Variable | Description |
---|---|
| Describes a Podman pod and the corresponding systemd unit.
|
| List of Quadlet specifications.
Warning: Quadlets work only with rootful containers on RHEL 8. Quadlets work with rootless containers only on RHEL 9.
Quadlet is defined by a name and type of a unit. Types of a unit can be the following:
When a Quadlet specification depends on some other file, for example:
```ini
[Kube]
ConfigMap=my-app-config.yml
Yaml=my-app.yml
...
```
then you must specify:
```yaml
podman_quadlet_specs:
  - file_src: my-app-config.yml
  - file_src: my-app.yml
  - file_src: my-app.kube
```
Most of the parameters for each Quadlet specification are the same as for
|
|
List of secret specs in the same format as used by podman_secret, except that there is an additional field |
|
If true, the role ensures host directories specified in host mounts in
Note: To ensure that the role manages the directories, you must specify directories as absolute paths for root containers, or as paths relative to the home directory for non-root containers.
The role applies its default ownership or permissions to the directories. If you need to set ownership or permissions, see |
|
It is a dict. If using |
| It is a list of dicts. Specifies ports that you want the role to manage in the firewall. This uses the same format as used by the firewall RHEL system role. |
| It is a list of dicts. Specifies ports for which you want the role to manage the SELinux policy. This uses the same format as used by the selinux RHEL system role. |
|
Specifies the name of the user to use for all rootless containers. You can also specify a per-container, per-unit, or per-secret user name with
Note: The user must already exist. |
|
Specifies the name of the group to use for all rootless containers. You can also specify a per-container or per-unit group name with
Note: The group must already exist. |
|
Defines the |
|
Defines the |
|
Defines the |
|
Defines the |
|
Defines the |
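
The Quadlet dependency rule from the table above can be checked before a playbook run. The following is an added example, not code from the role or from this documentation: it parses a `.kube` Quadlet and reports referenced files that are missing from `podman_quadlet_specs`. The function names are hypothetical, only the `ConfigMap` and `Yaml` keys shown on this page are inspected, and treating the order used in the page's example (dependencies before the unit) as required is an assumption.

```python
import os

# Keys in a [Kube] section whose values name other files (the two shown on this page).
DEPENDENCY_KEYS = {"ConfigMap", "Yaml"}

def kube_dependencies(quadlet_text):
    """Return file names referenced from the [Kube] section, in order of appearance."""
    deps, section = [], None
    for raw in quadlet_text.splitlines():
        line = raw.strip()
        if not line or line.startswith(("#", ";")):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
            continue
        key, sep, value = line.partition("=")
        if sep and section == "Kube" and key.strip() in DEPENDENCY_KEYS:
            deps.append(value.strip())
    return deps

def check_specs(specs, unit_name, quadlet_text):
    """Return a list of problems with podman_quadlet_specs for one .kube unit."""
    listed = [os.path.basename(s["file_src"]) for s in specs if "file_src" in s]
    if unit_name not in listed:
        return [f"{unit_name} is not listed in podman_quadlet_specs"]
    unit_pos = listed.index(unit_name)
    problems = []
    for dep in kube_dependencies(quadlet_text):
        name = os.path.basename(dep)
        if name not in listed:
            problems.append(f"{dep} is referenced by {unit_name} but not listed")
        elif listed.index(name) > unit_pos:
            # Assumption: dependencies come before the unit, as in the page's example.
            problems.append(f"{dep} is listed after {unit_name}")
    return problems

# Constructed sample input mirroring the file names used on this page.
SAMPLE_KUBE = "[Kube]\nConfigMap=my-app-config.yml\nYaml=my-app.yml\n"
GOOD = [{"file_src": "my-app-config.yml"}, {"file_src": "my-app.yml"},
        {"file_src": "my-app.kube"}]
BAD = [{"file_src": "my-app.kube"}, {"file_src": "my-app.yml"}]

if __name__ == "__main__":
    print(check_specs(GOOD, "my-app.kube", SAMPLE_KUBE))
    print(check_specs(BAD, "my-app.kube", SAMPLE_KUBE))
```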
Additional resources
- /usr/share/ansible/roles/rhel-system-roles.podman/README.md file
- /usr/share/doc/rhel-system-roles/podman/ directory