nixos/virtualisation.oci-containers: Use podman as the default backend

This has a number of benefits such as that applying service limits will actually work since there isn't a layer of indirection (the Docker daemon) between the systemd service and the container runtime.
2 years ago · 46241e156c
parent 986fc6057c
commit 46241e156c
3 changed files with 17 additions and 5 deletions
--- a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml
+++ b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml
@ -509,6 +509,19 @@
          <literal>/etc/containers</literal>.
        </para>
      </listitem>
+      <listitem>
+        <para>
+          For new installations
+          <literal>virtualisation.oci-containers.backend</literal> is
+          now set to <literal>podman</literal> by default. If you still
+          want to use Docker on systems where
+          <literal>system.stateVersion</literal> is set to to
+          <literal>&quot;22.05&quot;</literal> set
+          <literal>virtualisation.oci-containers.backend = &quot;docker&quot;;</literal>.Old
+          systems with older <literal>stateVersion</literal>s stay with
+          <quote>docker</quote>.
+        </para>
+      </listitem>
      <listitem>
        <para>
          <literal>security.klogd</literal> was removed. Logging of
--- a/nixos/doc/manual/release-notes/rl-2205.section.md
+++ b/nixos/doc/manual/release-notes/rl-2205.section.md
@ -164,6 +164,9 @@ In addition to numerous new and upgraded packages, this release has the followin
  This is to improve compatibility with `libcontainer` based software such as Podman and Skopeo
  which assumes they have ownership over `/etc/containers`.

+- For new installations `virtualisation.oci-containers.backend` is now set to `podman` by default.
+  If you still want to use Docker on systems where `system.stateVersion` is set to to `"22.05"` set `virtualisation.oci-containers.backend = "docker";`.Old systems with older `stateVersion`s stay with "docker".
+
 - `security.klogd` was removed.  Logging of kernel messages is handled
  by systemd since Linux 3.5.

--- a/nixos/modules/virtualisation/oci-containers.nix
+++ b/nixos/modules/virtualisation/oci-containers.nix
@ -338,11 +338,7 @@ in {

    backend = mkOption {
      type = types.enum [ "podman" "docker" ];
-      default =
-        # TODO: Once https://github.com/NixOS/nixpkgs/issues/77925 is resolved default to podman
-        # if versionAtLeast config.system.stateVersion "20.09" then "podman"
-        # else "docker";
-        "docker";
+      default = if versionAtLeast config.system.stateVersion "22.05" then "podman" else "docker";
      description = "The underlying Docker implementation to use.";
    };