Red Hat Summit Red Hat Summitサポートコンソール開発者トライアルの開始お問い合わせ

第19章 Managing containers by using RHEL system roles

With the podman RHEL system role, you can manage Podman configuration, containers, and systemd services that run Podman containers.

19.1. Configuring image registry management for Podman and other container tools
リンクのコピー

With the podman RHEL system role, you can automate the Podman management, including registry configuration, across multiple RHEL systems. Instead of manually editing files, you define your desired registry configuration in an Ansible playbook.

The podman RHEL system role uses the podman_registries_conf variable, which accepts a dictionary containing the registry settings. The role then creates a drop-in file, for example, in the /etc/containers/registries.conf.d/ to apply your configuration, following best practices for managing system configurations.

Prerequisites

Procedure

  1. Create a playbook file, for example, ~/playbook.yml, with the following content: 

    ---
- name: Configure Podman registries with RHEL system roles
  hosts: managed-node-01.example.com
  vars:
    podman_registries_conf:
      unqualified-search-registries:
        - "registry.access.redhat.com"
        - "docker.io"
        - "my-company-registry.com"
      registry:
        - location: "my-company-registry.com"
        - location: "my-local-registry:5000"
          insecure: true
  tasks:
    - name: Include the podman system role
      ansible.builtin.include_role:
        name: redhat.rhel_system_roles.podman

    The settings specified in the example playbook include the following:

    • unqualified-search-registries: Extends the list of registries Podman searches when you use a short image name (for example, podman pull <my-image>). Podman searches for images in my-company-registry.com after the default registries.
    • [registry]: Defines specific properties for a given registry. For example, you can enable an insecure connection by setting insecure=true to a local registry running at my-local-registry:5000.

  2. Validate the playbook syntax: 

    $ ansible-playbook --syntax-check ~/playbook.yml

    Note that this command only validates the syntax and does not protect against a wrong but valid configuration.

  3. Run the playbook: 

    $ ansible-playbook ~/playbook.yml

    The podman_use_new_toml_formatter variable generates TOML-compliant configuration files that are compatible with Podman. This variable enhances the Podman role by supporting all TOML features, including tables and inline tables, through a true TOML formatter instead of the Jinja template used previously.

    The new formatter is disabled by default to maintain compatibility with the previous formatter’s behavior. To enable the new formatter, set podman_use_new_toml_formatter: true in your configuration: 

podman_use_new_toml_formatter: true
podman_containers_conf:
  containers:
    annotations:
      - environment=production
      - status=tier2

Verification

  1. Run the podman info command on the host: 

    $ ansible managed-node-01.example.com -m command -a 'podman info'

  2. Verify the registeries section: 

    registries:
  my-company-registry.com:
    Blocked: false
    Insecure: false
    Location: my-company-registry.com
    MirrorByDigestOnly: false
    Mirrors: null
    Prefix: my-company-registry.com
    PullFromMirror: ""
  my-local-registry:5000:
    Blocked: false
    Insecure: true
    Location: my-local-registry:5000
    MirrorByDigestOnly: false
    Mirrors: null
    Prefix: my-local-registry:5000
    PullFromMirror: ""
  search:
  - registry.access.redhat.com
  - docker.io
  - my-company-registry.com
Red Hat logoGithubredditYoutubeTwitter

詳細情報

試用、購入および販売

コミュニティー

Red Hat ドキュメントについて

Red Hat をお使いのお客様が、信頼できるコンテンツが含まれている製品やサービスを活用することで、イノベーションを行い、目標を達成できるようにします。 最新の更新を見る.

多様性を受け入れるオープンソースの強化

Red Hat では、コード、ドキュメント、Web プロパティーにおける配慮に欠ける用語の置き換えに取り組んでいます。このような変更は、段階的に実施される予定です。詳細情報: Red Hat ブログ.

会社概要

Red Hat は、企業がコアとなるデータセンターからネットワークエッジに至るまで、各種プラットフォームや環境全体で作業を簡素化できるように、強化されたソリューションを提供しています。

Theme

© 2026 Red Hatトップに戻る