This collects some of the reference information I used when setting up my development workflow on Silverblue, and some nits along the way I encountered.
Mostly this applies for a workflow like https://github.com/projectatomic/rpm-ostree/tree/master/vagrant.
After installing vagrant-libvirt
(e.g. after rpm-ostree install vagrant-libvirt
and rebooting), you may need to do the following, otherwise vagrant
can hit permission errors:
sudo restorecon -vR /etc/libvirt`
(note: use sudo restorecon -nvR /etc/libvirt
to see what files would be changed, without changing them).
(see https://bugzilla.redhat.com/show_bug.cgi?id=1631033#c4).
If you are using a Fedora 30 container, and you mount directories from under the home directory on your host (i.e. ~
), then you should manually create the symlink /home -> /var/home
inside the container. This is needed because ostree-managed systems like Silverblue have this symlink in place already, but the general Fedora 30 build container does not. This can lead to "not found" errors inside the build container, even when it looks like the file was mounted into the container.
ln -s /home /var/home
For rpm-ostree
in particular, the mount path from the host into the container must be the same in order for make vmsync
to work (see podman run
command at https://github.com/projectatomic/rpm-ostree/tree/master/vagrant#developing-using-docker--vagrant).
Also run rpm-ostree install ansible
for provisioning Vagrant VMs using ansible.
rpm-ostree install virsh
is handy for interacting with domains vagrant
creates, in cases where vagrant destroy
fails to clean up the VM. You can do virsh destroy <vm name> && virsh undefine <vm name>
.
Make sure polkit is configured on your host (or add your user to the libvirt
group) to avoid typing in a password on every vagrant
command: coreos/rpm-ostree#49 (comment)
Things generally work best running podman containers as root (e.g. sudo podman run
) as rootless podman has some limitations: https://github.com/containers/libpod/blob/master/rootless.md#shortcomings-of-rootless-podman
However, try rootless podman whenever you can!
Finally workarounds for some common problems when running vagrant
in general requiring manual fixes: vagrant-libvirt/vagrant-libvirt#658 (comment)