containers/testnode: Support nesting

Signed-off-by: Zack Cerza <zack@redhat.com>

diff --git a/containers/testnode/Dockerfile b/containers/testnode/Dockerfile
index 8a16657f576fe1b4915bb27f6620967f375a1f03..07670ae37f19b7f2292c91f2b811d4e76d3b48c5 100644 (file)
--- a/containers/testnode/Dockerfile
+++ b/containers/testnode/Dockerfile
@@ -1,12 +1,44 @@
-FROM quay.io/centos/centos:stream9
+FROM quay.io/centos/centos:stream8
+RUN dnf -y update && \
+    rpm --setcaps shadow-utils 2>/dev/null && \
+    dnf -y install podman crun --exclude container-selinux && \
+    dnf clean all && \
+    rm -rf /var/cache /var/log/dnf* /var/log/yum*
+RUN useradd podman; \
+    echo podman:0:5000 > /etc/subuid; \
+    echo podman:0:5000 > /etc/subgid; \
+    echo root:0:65535 > /etc/subuid; \
+    echo root:0:65535 > /etc/subgid;
+RUN mkdir -p /root/.local/share/containers /home/podman/.local/share/containers
+VOLUME /var/lib/containers
+VOLUME /home/podman/.local/share/containers
+VOLUME /root/.local/share/containers
+ADD https://raw.githubusercontent.com/containers/libpod/master/contrib/podmanimage/stable/containers.conf /etc/containers/containers.conf
+ADD https://raw.githubusercontent.com/containers/libpod/master/contrib/podmanimage/stable/podman-containers.conf /home/podman/.config/containers/containers.conf
+ADD https://raw.githubusercontent.com/containers/podman/main/contrib/podmanimage/stable/podman-containers.conf /root/.config/containers/containers.conf
+RUN chown podman:podman -R /home/podman; \
+    echo 'podman:podman' | chpasswd
+RUN chmod 644 /etc/containers/containers.conf; \
+    sed -i \
+      -e 's|^#mount_program|mount_program|g' \
+      -e '/additionalimage.*/a "/var/lib/shared",' \
+      -e 's|^mountopt[[:space:]]*=.*$|mountopt = "nodev,fsync=0"|g' \
+      /etc/containers/storage.conf
+RUN mkdir -p /var/lib/shared/overlay-images /var/lib/shared/overlay-layers /var/lib/shared/vfs-images /var/lib/shared/vfs-layers; \
+    touch /var/lib/shared/overlay-images/images.lock; \
+    touch /var/lib/shared/overlay-layers/layers.lock; \
+    touch /var/lib/shared/vfs-images/images.lock; \
+    touch /var/lib/shared/vfs-layers/layers.lock
+ENV _CONTAINERS_USERNS_CONFIGURED=""
+
 RUN dnf -y install \
     sudo \
     openssh-server \
     hostname \
     python3-pip \
-    httpd \
-    podman && \
-    dnf clean all
+    httpd
+RUN dnf clean all && \
+    rm -rf /var/cache /var/log/dnf* /var/log/yum*
 COPY testnode_start.sh /
 COPY testnode_stop.sh /
 COPY testnode_sudoers /etc/sudoers.d/teuthology