tier-1: Enable recommends, fix podman

We were missing `container-selinux`...oops. Fix that. While we're here.. - Fully re-enable `recommends: true` - this is not a small image, and so let's not try to override things. - Drop out the old-style compat networking packages for podman, since this is a new image
2023-09-23 08:27:45 -04:00 · 2023-09-23 08:27:45 -04:00 · 719024a2c1
parent e67a9ca22c
commit 719024a2c1
3 changed files with 10 additions and 21 deletions
--- a/tier-1/manifest.yaml
+++ b/tier-1/manifest.yaml
@ -1,8 +1,11 @@
+# Flip this back on, we're going to be a larger system
+recommends: true

 include:
  - manifest-tier-0.yaml
  - bootable-rpm-ostree.yaml
  - dnf.yaml
+  - podman.yaml
  - firmware.yaml
  - networking-tools.yaml
  - system-configuration.yaml
@ -14,23 +17,6 @@ packages:
  # Include and set the default editor
  - nano
  - fuse-overlayfs slirp4netns
-  # support for old style CNI networks and name resolution for
-  # podman containers with CNI networks
-  # https://github.com/coreos/fedora-coreos-tracker/issues/519
-  # https://github.com/coreos/fedora-coreos-tracker/issues/1128#issuecomment-1071338097
-  - containernetworking-plugins podman-plugins dnsmasq
-  # For podman v4 netavark gets pulled in but it only recommends
-  # aardvark-dns (which provides name resolution based on container
-  # names). This functionality was previously provided by dnsname from
-  # podman-plugins in the podman v3 stack.
-  # See https://github.com/containers/netavark/pull/217
-  - aardvark-dns
-  # Since we need `containernetworking-plugins` installed to continue
-  # to support CNI networks we need to also explicitly install
-  # `netavark` so we get both of them installed since both of them
-  # provide `container-network-stack`.
-  # https://github.com/coreos/fedora-coreos-tracker/issues/1128#issuecomment-1071458717
-  - netavark
  # Minimal NFS client
  - nfs-utils-coreos
  # Additional firewall support; we aren't including these in RHCOS or they
--- a/tier-1/podman.yaml
+++ b/tier-1/podman.yaml
@ -0,0 +1,7 @@
+# Core podman bits
+
+packages:
+  - crun
+  - podman
+  - container-selinux
+  - skopeo
--- a/tier-1/user-experience.yaml
+++ b/tier-1/user-experience.yaml
@ -34,9 +34,5 @@ packages:
  - kexec-tools
  # Remote Access
  - openssh-clients openssh-server
-  # Container tooling
-  - crun
-  - podman
-  - skopeo
  # nvme-cli for managing nvme disks
  - nvme-cli