Mounting a CIFS Volume on a Podman Container with Molecule/Ansible: A Step-by-Step Guide

Are you tired of running into the dreaded “Operation not permitted” error when trying to mount a CIFS volume on a Podman container using Molecule/Ansible? Well, you’re in luck because this article is here to guide you through the process of successfully mounting a CIFS volume on a Podman container with Molecule/Ansible.

What is Podman?

Before we dive into the tutorial, let’s quickly cover what Podman is. Podman is a containerization platform that allows you to run and manage containers on a Linux system. It’s similar to Docker, but with a few key differences. Podman is daemon-less, which means it doesn’t require a running daemon process to manage containers. This makes it a lightweight and flexible alternative to Docker.

What is Molecule?

Molecule is a testing framework for Ansible roles. It allows you to write tests for your Ansible roles and ensure they work as expected. Molecule uses Docker or Podman to create test environments, which makes it a great tool for testing infrastructure automation.

What is Ansible?

Ansible is an open-source automation tool that allows you to automate infrastructure deployment, configuration, and management. It uses YAML playbooks to define the desired state of your infrastructure, and then it takes care of making it so.

The Problem: Operation not Permitted

When trying to mount a CIFS volume on a Podman container using Molecule/Ansible, you might encounter the following error:

mount: /mnt: Operation not permitted

This error occurs because the Podman container doesn’t have the necessary permissions to mount the CIFS volume. But don’t worry, we’ll show you how to overcome this challenge.

Prerequisites

Before you begin, make sure you have the following installed:

  • Podman (version 1.9.3 or higher)
  • Molecule (version 3.0.2 or higher)
  • Ansible (version 2.9.10 or higher)
  • A CIFS share set up and available

Step 1: Create an Ansible Role

Create a new Ansible role called `cifs_mount` with the following directory structure:


cifs_mount
  roles
    cifs_mount
      tasks
        main.yml
      handlers
        main.yml
      defaults
        main.yml
      meta
        main.yml

In the `tasks/main.yml` file, add the following code:


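---
# Mount the share with the Ansible mount module.
# Note: state: mounted also writes this entry, including opts, to /etc/fstab.
- name: Mount CIFS volume
  mount:
    path: /mnt
    src: "//{{ cifs_share }}/{{ cifs_mount_point }}"
    fstype: cifs
    opts: "rw,vers=3.0,username={{ cifs_username }},password={{ cifs_password }},dir_mode=0777,file_mode=0666"
    state: mounted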

This task will mount the CIFS volume to the `/mnt` directory in the container.

Step 2: Create a Molecule Scenario

Create a new Molecule scenario called `cifs-mount` with the following directory structure:


molecule
  cifs-mount
    molecule.yml
    converge.yml

In the `molecule.yml` file, add the following code:


---
scenario:
  name: cifs-mount

driver:
  name: podman

provisioner:
  name: ansible

platforms:
  - name: centos7
    image: centos:7

lint:
  name: yamllint

This scenario will use Podman as the container driver, Ansible as the provisioner, and CentOS 7 as the platform.

Step 3: Create a Podman Container

In the `converge.yml` file, add the following code:


---
# Molecule runs converge.yml as a playbook against the scenario's instances.
- name: Converge
  hosts: all
  tasks:
    - name: Create a Podman container
      podman_container:
        name: cifs-mount
        image: centos:7
        state: present
        volumes:
          - /mnt:/mnt

    - name: Install necessary packages
      yum:
        name: cifs-utils
        state: present

    - name: Mount CIFS volume
      include_role:
        name: cifs_mount

This playbook will create a new Podman container called `cifs-mount` with the CentOS 7 image, install the `cifs-utils` package, and then include the `cifs_mount` role to mount the CIFS volume.

Step 4: Run Molecule

Run the following command to execute the Molecule scenario:

molecule converge -s cifs-mount

This will create a new Podman container, install the necessary packages, and mount the CIFS volume.

Step 5: Overcome the Operation not Permitted Error

To overcome the “Operation not permitted” error, you need to add the following task to the `converge.yml` file:


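# privileged: true grants every capability and turns off seccomp and SELinux
# confinement for this container, far more than mounting needs.
- name: Set privileged mode
  podman_container:
    name: cifs-mount
    privileged: true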

This will run the container in privileged mode, allowing it to mount the CIFS volume.

Step 6: Verify the Mount

Once the Molecule scenario has completed, verify that the CIFS volume has been mounted successfully by running the following command:

molecule verify -s cifs-mount

This will check that the CIFS volume is mounted to the `/mnt` directory in the container.
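
An added example, not from the original article: mount(2) requires CAP_SYS_ADMIN, which is why the unprivileged container reports "Operation not permitted". The Python below reads /proc text to confirm the CIFS mount checked in Step 6 and to show how much more than that one capability `privileged: true` from Step 5 grants. The function names, the sample /proc contents and the host name `fileserver.example` are constructed for illustration.

```python
"""Added example: audit container privileges and the /mnt CIFS mount from
/proc text. All sample inputs below are constructed."""

# Capability bit numbers from linux/capability.h (subset relevant here).
CAP_BITS = {"CAP_DAC_READ_SEARCH": 2, "CAP_NET_ADMIN": 12, "CAP_SYS_MODULE": 16,
            "CAP_SYS_RAWIO": 17, "CAP_SYS_PTRACE": 19, "CAP_SYS_ADMIN": 21}


def effective_caps(status_text):
    """Return (mask, names) parsed from the CapEff line of /proc/<pid>/status."""
    for line in status_text.splitlines():
        if line.startswith("CapEff:"):
            mask = int(line.split()[1], 16)
            names = {n for n, bit in CAP_BITS.items() if (mask >> bit) & 1}
            return mask, names
    raise ValueError("no CapEff line found")


def cifs_mounted(mounts_text, path="/mnt"):
    """True if /proc/mounts lists `path` with filesystem type cifs."""
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) >= 3 and fields[1] == path and fields[2] == "cifs":
            return True
    return False


def audit(status_text, mounts_text, path="/mnt"):
    """Summarise whether mount(2) is possible and how much else was granted."""
    mask, names = effective_caps(status_text)
    return {
        "can_mount": "CAP_SYS_ADMIN" in names,        # mount(2) requires it
        "cifs_mounted": cifs_mounted(mounts_text, path),
        "extra_caps": sorted(names - {"CAP_SYS_ADMIN"}),
        "cap_count": bin(mask).count("1"),            # total capabilities held
    }


# Constructed samples: a container with a default-style capability set, and
# one started with privileged: true that has mounted the share on /mnt.
DEFAULT_STATUS = "Name:\tsh\nCapEff:\t00000000800405fb\n"
DEFAULT_MOUNTS = "overlay / overlay rw,relatime 0 0\n"
PRIVILEGED_STATUS = "Name:\tsh\nCapEff:\t0000003fffffffff\n"
PRIVILEGED_MOUNTS = (
    "overlay / overlay rw,relatime 0 0\n"
    "//fileserver.example/share /mnt cifs rw,relatime,vers=3.0,username=svc 0 0\n"
)

if __name__ == "__main__":
    print(audit(PRIVILEGED_STATUS, PRIVILEGED_MOUNTS))
```

Inside the container, pass the contents of `/proc/self/status` and `/proc/mounts` to `audit()` instead of the constructed samples.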

Conclusion

In this article, we’ve shown you how to mount a CIFS volume on a Podman container using Molecule/Ansible. We’ve covered the necessary steps to create an Ansible role, a Molecule scenario, and a Podman container. We’ve also shown you how to overcome the “Operation not permitted” error by running the container in privileged mode.

With these instructions, you should be able to successfully mount a CIFS volume on a Podman container using Molecule/Ansible. Happy automating!

Tool        Version
Podman      1.9.3 or higher
Molecule    3.0.2 or higher
Ansible     2.9.10 or higher

Note: Make sure to replace the placeholder values in the code snippets with your actual CIFS share, mount point, username, and password.

Common Errors and Solutions

Here are some common errors you might encounter and their solutions:

Error 1: Mount failed: invalid option

Solution: Check that the `opts` parameter in the `mount` task is correct. Make sure to specify the `vers=3.0` option for CIFS version 3.0.

Error 2: Mount failed: permission denied

Solution: Add the `privileged: true` option to the `podman_container` task to run the container in privileged mode.

Error 3: CIFS share not available

Solution: Check that the CIFS share is available and correctly configured. Make sure the username and password are correct.

We hope this article has been helpful in guiding you through the process of mounting a CIFS volume on a Podman container using Molecule/Ansible. If you have any further questions or need more assistance, feel free to ask!

Frequently Asked Questions

Got stuck while mounting a CIFS volume on a podman container with molecule/ansible? Worry not, we’ve got you covered!

Q1: What’s the common culprit behind the “Operation not permitted” error when mounting a CIFS volume on a podman container?

It’s usually a permissions issue! The podman container doesn’t have the necessary permissions to mount the CIFS volume. You can try running the container with elevated privileges using the `--privileged` flag or by configuring the `cap_add` parameter in your molecule/ansible playbook.

Q2: How do I specify the CIFS mount options in my molecule/ansible playbook to avoid the “Operation not permitted” error?

You can specify the mount options using the `opts` parameter of the `mount` task in your molecule/ansible playbook. For example, you can use `opts: "rw,vers=3.0,username={{ cifs_username }},password={{ cifs_password }}"` to specify the mount options for your CIFS volume.

Q3: What’s the role of SELinux in the “Operation not permitted” error when mounting a CIFS volume on a podman container?

SELinux can sometimes get in the way of mounting a CIFS volume. To avoid this issue, you can try setting the SELinux context to `container_file_t` using the `chcon` command or by configuring the `selinux_ctx` parameter in your molecule/ansible playbook.

Q4: How do I verify that the CIFS mount is working correctly after fixing the “Operation not permitted” error?

You can verify the mount by checking the output of the `mount` command inside the container or by listing the contents of the mounted directory using the `ls` command. If everything is working correctly, you should see the CIFS volume mounted and accessible.

Q5: Are there any security implications I should be aware of when mounting a CIFS volume on a podman container with molecule/ansible?

Yes, mounting a CIFS volume can introduce security risks if not done properly. Make sure to use secure credentials, limit access to the mounted volume, and configure SELinux contexts to prevent potential security breaches.