Installing NOMASX-1 on Linux

TIP

Podman is the fastest way to install NOMASX-1. It is possible to install each component separately, but using Podman is better because everything is preconfigured.

1. Requirements

  • RAM: 8 GB
  • DISK: 60 GB
  • CPU: 2 vCPU

The server needs internet access to download all images and application sources from GitHub and the Oracle container registry.

Podman can run rootless, so you can create a dedicated user and start all containers as that user instead of root.

groupadd nomasx1
useradd -g nomasx1 nomasx1

Check whether SELinux is enabled and change its mode to permissive

sestatus

SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
********************
** CHECK MODE **
Current mode:                   enforcing
Mode from config file:          enforcing
********************
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Memory protection checking:     actual (secure)
Max kernel policy version:      31

Set SELinux to permissive by editing the “/etc/selinux/config” file and making sure the SELINUX flag is set as follows. In permissive mode SELinux logs policy denials instead of blocking them.

SELINUX=permissive

Once the change is complete, restart the server or run the following command.

setenforce Permissive

Disable the firewall

systemctl stop firewalld
systemctl disable firewalld
systemctl status firewalld

2. Install Podman

dnf -y install podman podman-docker buildah skopeo dnf-utils zip unzip tar gzip git
dnf -y update

Add subordinate UID and GID ranges for the user created previously so that it can start containers rootless

touch /etc/subuid /etc/subgid
usermod --add-subuids 100000-165535 --add-subgids 100000-165535 nomasx1
podman system migrate

Set the storage location for images and volumes (optional). By default, when Podman runs rootless, the storage path is inside the user's $HOME directory. You can change the path by modifying the config file /etc/containers/storage.conf

# Storage path for rootless users
#
# rootless_storage_path = "$HOME/.local/share/containers/storage"
rootless_storage_path = "/app/containers/$USER/storage"

3. Enable service and check status

systemctl enable --now podman.socket
systemctl status podman.socket

4. Download components

The repository is private because this application is licensed. Ask for credentials to download it.

git clone https://github.com/fblettner/nomasx1-containers.git
Enter login and password

cd nomasx1-containers/data
./getdata.sh (this will download and unzip the preconfigured Oracle Database)

Give the user inside the container rights on the data directory

podman unshare chown -R 54321:54321 data/oradata
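
The subordinate ID range added in step 2 decides which host UID ends up owning data/oradata after the podman unshare chown above. The script below is an added example, not part of the NOMASX-1 repository: it computes that mapping, assuming Podman's default rootless layout where container ID 0 is the invoking user and container IDs 1..N map onto the user's /etc/subuid (or /etc/subgid) ranges in file order. The function names, the login UID 1001 and the sample file are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example, not from the NOMASX-1 repository.
# Assumption: default rootless Podman mapping. Container ID 0 is the invoking
# user; container IDs 1..N map onto the user's subordinate ranges in file order.

# map_container_id CONTAINER_ID OWNER_ID USER [SUBID_FILE]
# Prints the host ID behind CONTAINER_ID; fails if no range covers it.
map_container_id() {
    local cid=$1 owner=$2 user=$3 file=${4:-/etc/subuid}
    if [ "$cid" -eq 0 ]; then
        echo "$owner"
        return 0
    fi
    awk -F: -v u="$user" -v c="$cid" '
        $1 == u {
            # base = number of container IDs consumed by earlier ranges
            if (c <= base + $3) { print $2 + c - base - 1; ok = 1; exit }
            base += $3
        }
        END { exit !ok }' "$file"
}

# path_owner_matches PATH CONTAINER_UID OWNER_UID USER [SUBUID_FILE]
# True when PATH is owned on the host by the UID that CONTAINER_UID maps to.
path_owner_matches() {
    local want
    want=$(map_container_id "$2" "$3" "$4" "${5:-/etc/subuid}") || return 2
    [ "$(ls -ldn "$1" | awk '{ print $3 }')" = "$want" ]
}

# Constructed sample: the entry written by
#   usermod --add-subuids 100000-165535 nomasx1
# and a constructed login UID of 1001 for nomasx1.
sample=$(mktemp)
printf 'nomasx1:100000:65536\n' > "$sample"
for cid in 0 54321 65536 65537; do
    if host=$(map_container_id "$cid" 1001 nomasx1 "$sample"); then
        echo "container UID $cid -> host UID $host"
    else
        echo "container UID $cid -> not covered by the subordinate range"
    fi
done
rm -f "$sample"
```

If the range from step 2 is the user's only /etc/subuid entry, container UID 54321 maps to host UID 154320, which is the numeric owner ls -ln shows on data/oradata after the chown. Pass /etc/subgid as the fourth argument to do the same for the group.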

5. Start all containers

Log in to OCI to be able to start all containers (this is a one-time task)

podman login https://lhr.ocir.io
Enter login and password

Start the containers

podman play kube nomasx1w.yaml --configmap .nomasx1.yaml,.rundeck.yaml

6. Configure services

Create the systemd directory in the user's home directory

mkdir -p $HOME/.config/systemd/user
cd $HOME/.config/systemd/user
loginctl enable-linger $USER
export XDG_RUNTIME_DIR=/run/user/$(id -u)

Create unit files

podman generate systemd --files --name nomasx1

Enable services

systemctl --user daemon-reload
systemctl --user enable pod-nomasx1.service
systemctl --user start pod-nomasx1.service

7. Known issues on Linux

Issue with the network card when starting a container

/etc/sysconfig/network-scripts/ifcfg-ens192
PREFIX=8 (modify to 24)

Issue with permissions: connect as a user with root privileges

loginctl enable-linger nomasx1

Issue with the latest version of Podman: downgrade to the previous version

dnf downgrade podman

Copyright © 2022 - NOMANA-IT - ALL RIGHTS RESERVED