centos7更新podman到最新版
实验环境:centos7.7.1908
1.安装podman并查看版本
$ yum install podman -y
$ podman -v
[root@d7cb4574cd89 /]# podman -v
podman version 1.6.4
centos7默认安装的podman版本是1.6.4,现在我们要把podman升级到最新版。
2.删除现有podman
$ yum remove -y podman
3. 添加EPEL存储库
添加用于安装开发工具的EPEL(Extra Packages for Enterprise Linux)存储库。
$ yum install -y epel-release
or
$ yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
4.安装所需的软件包
$ yum install -y "@Development Tools"
$ yum install -y curl gcc make device-mapper-devel git btrfs-progs-devel \
conmon containernetworking-plugins containers-common glib2-devel glibc-devel \
glibc-static golang-github-cpuguy83-md2man iptables libselinux-devel pkgconfig \
systemd-devel autoconf python3 python3-devel python3-pip yajl-devel libcap-devel
5.GoLang配置
$ cd /usr/local/src
$ curl -LO "https://go.dev/dl/go1.20.3.linux-amd64.tar.gz"
$ tar xzvf go1.20.3.linux-amd64.tar.gz -C /usr/local/
$ mkdir /usr/local/gopath
5.1设置Profile变量
$ vi /etc/profile
# GoLang
export GO_HOME=/usr/local/go
export GOPATH=/usr/local/gopath
export PATH=$PATH:$GO_HOME/bin
$ source /etc/profile
6.安装conmon&runc
6.1.安装conmon
$ git clone https://github.com/containers/conmon.git /usr/local/src/conmon
$ cd /usr/local/src/conmon
$ export GOCACHE="$(mktemp -d)"
$ make -j $(nproc)
$ make install
6.2.安装runc
$ git clone https://github.com/opencontainers/runc.git $GOPATH/src/github.com/opencontainers/runc
$ cd $GOPATH/src/github.com/opencontainers/runc
$ make -j $(nproc) BUILDTAGS="selinux seccomp"
$ cp runc /usr/bin/runc
执行make -j $(nproc) BUILDTAGS="selinux seccomp"有以下报错
执行yum install libseccomp-devel,然后重新make -j $(nproc) BUILDTAGS="selinux seccomp"
问题解决! 然后cp runc /usr/bin/runc,最后查看版本runc -version
7.编译库
为了编译Podman,需要下面列出的库。
Libgpg-error, Libassuan, nPth, Libgcrypt, Libksba, ntbTLS, GnuPG, GPGME
https://gnupg.org/download/index.html
虽然CentOS支持该库包,但版本较低,无法编译最新版本的Podman。
因此,需要将库编译为源代码后单独指定。
7.1 安装Libgpg-error
$ cd /usr/local/src
$ curl -LO "https://gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.47.tar.bz2"
$ tar xjvf libgpg-error-1.47.tar.bz2
$ cd libgpg-error-1.47
$ ./configure --prefix=/usr/local/libgpg-error
$ make -j $(nproc)
$ make install
7.2 安装Libassuan
必须将configure的gpg-error-config更改为gpgrt-config。
$ cd /usr/local/src
$ curl -LO "https://gnupg.org/ftp/gcrypt/libassuan/libassuan-2.5.5.tar.bz2"
$ tar xjvf libassuan-2.5.5.tar.bz2
$ cd libassuan-2.5.5
$ sed -i 's/gpg-error-config/gpgrt-config/g' configure
$ ./configure --prefix=/usr/local/libassuan \
--with-libgpg-error-prefix=/usr/local/libgpg-error
$ make -j $(nproc)
$ make install
7.3 安装nPth
$ cd /usr/local/src
$ curl -LO "https://gnupg.org/ftp/gcrypt/npth/npth-1.6.tar.bz2"
$ tar xjvf npth-1.6.tar.bz2
$ cd npth-1.6
$ ./configure --prefix=/usr/local/npth
$ make -j $(nproc)
$ make install
7.4 安装Libgcrypt
$ cd /usr/local/src
$ curl -LO "https://gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.10.2.tar.bz2"
$ tar xjvf libgcrypt-1.10.2.tar.bz2
$ cd libgcrypt-1.10.2
$ ./configure --prefix=/usr/local/libgcrypt \
--with-libgpg-error-prefix=/usr/local/libgpg-error
$ make -j $(nproc)
$ make install
在进行7.4的 ./configure之前先把7.10配置完成
配置完后执行 ./configure --prefix=/usr/local/libgcrypt --with-libgpg-error-prefix=/usr/local/libgpg-error如果出现如下问题
$
export PATH=$LIBGPG_ERROR_HOME/bin:$PATH$ which gpg-error
执行完上面代码后重新执行 ./configure,就可以执行成功,生成makefile文件
之后继续执行 make -j $(nproc) 和 make install 就可以了
7.5 安装Libksba
$ cd /usr/local/src
$ curl -LO "https://gnupg.org/ftp/gcrypt/libksba/libksba-1.6.3.tar.bz2"
$ tar xjvf libksba-1.6.3.tar.bz2
$ cd libksba-1.6.3
$ ./configure --prefix=/usr/local/libksba \
--with-libgpg-error-prefix=/usr/local/libgpg-error
$ make -j $(nproc)
$ make install
7.6 安装ntbTLS
必须将configure中的–with-libksba-prefix更改为–with-ksba-prefix。
$ cd /usr/local/src
$ curl -LO "https://gnupg.org/ftp/gcrypt/ntbtls/ntbtls-0.3.1.tar.bz2"
$ tar xjvf ntbtls-0.3.1.tar.bz2
$ cd ntbtls-0.3.1
$ ./configure --prefix=/usr/local/ntbtls \
--with-ksba-prefix=/usr/local/libksba \
--with-libgcrypt-prefix=/usr/local/libgcrypt \
--with-libgpg-error-prefix=/usr/local/libgpg-error
$ make -j $(nproc)
$ make install
执行 make -j $(nproc) 会有如下错误
执行 yum install zlib-devel 后重新执行 make -j $(nproc) 即可
7.7 安装GnuPG
必须将configure中的–with-libksba-prefix更改为–with-ksba-prefix。
$ cd /usr/local/src
$ curl -LO "https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.4.0.tar.bz2"
$ tar xjvf gnupg-2.4.0.tar.bz2
$ cd gnupg-2.4.0
$ ./configure --prefix=/usr/local/gnupg \
--without-libintl-prefix \
--without-libiconv-prefix \
--with-npth-prefix=/usr/local/npth \
--with-ntbtls-prefix=/usr/local/ntbtls \
--with-ksba-prefix=/usr/local/libksba \
--with-libgcrypt-prefix=/usr/local/libgcrypt \
--with-libassuan-prefix=/usr/local/libassuan \
--with-libgpg-error-prefix=/usr/local/libgpg-error
$ make -j $(nproc)
$ make install
7.8 安装GPGME
$ cd /usr/local/src
$ curl -LO "https://gnupg.org/ftp/gcrypt/gpgme/gpgme-1.20.0.tar.bz2"
$ tar xjvf gpgme-1.20.0.tar.bz2
$ cd gpgme-1.20.0
$ ./configure --prefix=/usr/local/gpgme \
--with-libassuan-prefix=/usr/local/libassuan \
--with-libgpg-error-prefix=/usr/local/libgpg-error
$ make -j $(nproc)
$ make install
执行7.8./configure之前要先执行完7.9,之后再执行7.8 ./configure
执行 make -j $(nproc) 会有如下报错
$ cd /usr/local/src/gpgme-1.20.0/tests/gpg/
$ vi gpg.conf
$ comment 第5行
回到 /usr/local/src/gpgme-1.20.0目录下重新执行make -j $(nproc)
export LD_LIBRARY_PATH=/usr/local/libksba/lib:/usr/local/libgcrypt/lib:/usr/local/npth/lib:/usr/local/libgpg-error/lib
env | grep LD_LIBRARY_PATH
缺哪个export哪个,应该是4个都缺,所以要export4个
之后重新执行 make -j $(nproc),会有如下报错
上面错误是因为版本太低导致很多奇怪的编译错误,我们要升级gcc的版本才可以,然后重新执行make -j $(nproc)
到此还没有找到好的解决办法
7.9 设置PKGCONFIG
$ mkdir /usr/local/pkgconfig
$ cd /usr/local/pkgconfig
$ ln -s /usr/local/gpgme/lib/pkgconfig/* ./
$ ln -s /usr/local/ntbtls/lib/pkgconfig/* ./
$ ln -s /usr/local/libksba/lib/pkgconfig/* ./
$ ln -s /usr/local/libgcrypt/lib/pkgconfig/* ./
$ ln -s /usr/local/libassuan/lib/pkgconfig/* ./
$ ln -s /usr/local/libgpg-error/lib/pkgconfig/* ./
7.10 Profile变量设置
$ vi /etc/profile
# PKGCONFIG
export PKG_CONFIG_PATH=/usr/local/pkgconfig
# Libgpg-error
# Libgpg-error
export LIBGPG_ERROR_HOME=/usr/local/libgpg-error
export PATH=$PATH:$LIBGPG_ERROR_HOME/bin
# Libassuan
export LIBASSUAN_HOME=/usr/local/libassuan
export PATH=$PATH:$LIBASSUAN_HOME/bin
# nPth
export NPTH_HOME=/usr/local/npth
export PATH=$PATH:$NPTH_HOME/bin
# Libgcrypt
export LIBGCRYPT_HOME=/usr/local/libgcrypt
export PATH=$PATH:$LIBGCRYPT_HOME/bin
# Libksba
export LIBKSBA_HOME=/usr/local/libksba
export PATH=$PATH:$LIBKSBA_HOME/bin
# ntbTLS
export NTBTLS_HOME=/usr/local/ntbtls
export PATH=$PATH:$NTBTLS_HOME/bin
# GnuPG
export GNUPG_HOME=/usr/local/gnupg
export PATH=$PATH:$GNUPG_HOME/bin
# GPGME
export GPGME_HOME=/usr/local/gpgme
export PATH=$PATH:$GPGME_HOME/bin
$ source /etc/profile
8 Podman安装
$ cd /usr/local/src
$ PODMAN_VER_TAG="v4.6.1"
$ wget https://github.com/containers/podman/archive/refs/tags/${PODMAN_VER_TAG}.tar.gz
$ tar xzvf ${PODMAN_VER_TAG}.tar.gz
$ cd ${PODMAN_VER_TAG}
$ make -j $(nproc) BUILDTAGS="selinux seccomp"
$ make install PREFIX=/usr
cd /usr/local/src
PODMAN_VER_TAG="v4.6.1"
wget https://github.com/containers/podman/archive/refs/tags/v4.6.1.tar.gz
tar xzvf v4.6.1.tar.gz
cd podman-4.6.1
make -j $(nproc) BUILDTAGS="selinux seccomp"
make install PREFIX=/usr如果执行wget https://github.com/containers/podman/archive/refs/tags/v4.6.1.tar.gz,github连接不上可以通过wget https://kgithub.com/containers/podman/archive/refs/tags/v4.6.1.tar.gz下载,但是我试了一下从镜像中下载的好像不行,所以尽量还是从github下载
直接在centos7.7下安装podman4.6.1还是有问题存在,目前没有找到很好的解决办法,不过可以先在centos7.9下安装podman4.6.1,再copy到centos7.7下