Click on each book below to review & buy on Amazon.
As an Amazon Associate, I earn from qualifying purchases.
RHCSA - Manage Containers: Configure a Container to Start Automatically as a Systemd Service
By defining a systemd
unit file for a container you can allow that container to automatically start at boot time. But you do not need to remember how to write a systemd
unit file as a command is provided to do for us, which is podman generate systemd --name <container> --files
.
Generate Container systemd Service - Root/System
The following exercise will get you creating a root
container and having it run automatically as a systemd
service:
Create a container and a systemd
service to ensure the container starts on boot:
Create a container based on the nginx
image:
sudo podman create --name nginx -p 8080:80 docker.io/nginx
nginx
image should get pulled down if it did not already exist locally:
Trying to pull docker.io/library/nginx:latest...
Getting image source signatures
Copying blob e3b6889c8954 done
Copying blob fd9f026c6310 done
Copying blob 52d2b7f179e3 done
Copying blob 96576293dd29 done
Copying blob 055fa98b4363 done
Copying blob a7c4092be904 done
Copying blob da761d9a302b done
Copying config eea7b3dcba done
Writing manifest to image destination
Storing signatures
4565ccf7a0d1ccc1d9bd22a1504f5c76cd21162dae3c34ddb94febcefcba3f92
Change to the systemd
directory where custom unit files need creating:
Ensure you perform this change directory before generating the unit file so that SELinux
contexts are correct for the unit file creation.
cd /etc/systemd/system
Generate the systemd
unit file:
sudo podman generate systemd --name nginx --files
The command output will show the unit file that was created. You can see that the service gets called container-<container name>.service
:
/etc/systemd/system/container-nginx.service
Reload the systemd
daemon to pick up the new unit file:
sudo systemctl daemon-reload
Enable the container so it starts automatically on boot:
sudo systemctl enable container-nginx.service
Command will create a symbolic link when enabling a service:
Created symlink /etc/systemd/system/default.target.wants/container-nginx.service -> /etc/systemd/system/container-nginx.service.
Reboot the machine as you will want to ensure the service starts on boot, in turn starting the container:
sudo reboot
After reboot, check the service status:
systemctl status container-nginx
The output shows the container is running:
- container-nginx.service - Podman container-nginx.service
Loaded: loaded (/etc/systemd/system/container-nginx.service; enabled; pres>
Active: active (running) since Tue 2023-09-05 08:11:45 BST; 1min 47s ago
Docs: man:podman-generate-systemd(1)
Process: 1254 ExecStart=/usr/bin/podman start nginx (code=exited, status=0/>
Main PID: 1643 (conmon)
Tasks: 1 (limit: 48714)
Memory: 34.1M
CPU: 186ms
CGroup: /system.slice/container-nginx.service
└─1643 /usr/bin/conmon --api-version 1 -c 4565ccf7a0d1ccc1d9bd22a1
Confirm the container is running by using podman ps
command:
sudo podman ps
Container will show as up:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4565ccf7a0d1 docker.io/library/nginx:latest nginx -g daemon o... 8 minutes ago Up 4 minutes 0.0.0.0:8080->80/tcp nginx
Make sure the container is serving content:
curl http://localhost:8080
nginx
welcome page should display:
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
Generate Container systemd Service - User
The following exercise will get you creating a user
container and having it run automatically as a systemd
service:
Create a user container and a systemd
service to ensure the container starts on boot:
To ensure your user can run services in the background whilst you are logged off run the following, replacing user1
with your user:
sudo loginctl enable-linger user1
Next you need to create a directory for the user systemd
unit file for the container to live:
mkdir -p ~/.config/systemd/user
Change into the created directory:
cd ~/.config/systemd/user
Create a container based on the nginx
image:
podman create --name user-nginx -p 8081:80 docker.io/nginx
nginx
image should get pulled down if it did not already exist locally, or the container ID will print to screen on its own if the image did already exists locally:
Trying to pull docker.io/library/nginx:latest...
Getting image source signatures
Copying blob 52d2b7f179e3 done
Copying blob fd9f026c6310 done
Copying blob 055fa98b4363 done
Copying blob 96576293dd29 done
Copying blob a7c4092be904 done
Copying blob e3b6889c8954 done
Copying blob da761d9a302b done
Copying config eea7b3dcba done
Writing manifest to image destination
Storing signatures
dc02e4dc1f3dbb67d4da884c340a3df8ea5b557bd7c0d588f43ded4ab958e854
Generate the systemd
unit file:
podman generate systemd --name user-nginx --files
The command output will show the unit file that was created. You can see that the service gets called container-<container name>.service
:
/home/user1/.config/systemd/user/container-user-nginx.service
Reload the systemd
daemon to pick up the new unit file. (--user
option specified):
systemctl --user daemon-reload
Enable the container so it starts automatically on boot. (--user
option specified):
systemctl --user enable container-user-nginx.service
Command will create a symbolic link when enabling a service:
Created symlink /home/user1/.config/systemd/user/default.target.wants/container-user-nginx.service -> /home/user1/.config/systemd/user/container-user-nginx.service.
Reboot the machine as you will want to ensure the service starts on boot, in turn starting the container:
sudo reboot
After reboot, check the service status:
systemctl --user status container-user-nginx
The output shows the container is running:
- container-user-nginx.service - Podman container-user-nginx.service
Loaded: loaded (/home/dtvlinux/.config/systemd/user/container-user-nginx.s>
Active: active (running) since Tue 2023-09-05 08:50:04 BST; 1min 44s ago
Docs: man:podman-generate-systemd(1)
Process: 1291 ExecStart=/usr/bin/podman start user-nginx (code=exited, stat>
Main PID: 1464 (conmon)
Tasks: 14 (limit: 48714)
Memory: 24.6M
CPU: 204ms
CGroup: /user.slice/user-1000.slice/user@1000.service/app.slice/container->
├─1414 /usr/bin/slirp4netns --disable-host-loopback --mtu=65520 -->
├─1428 rootlessport
├─1443 rootlessport-child
└─1464 /usr/bin/conmon --api-version 1 -c f5fcfe29fe023b32d9ff7925
Confirm the container is running by using podman ps
command:
podman ps
Container will show as up:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f5fcfe29fe02 docker.io/library/nginx:latest nginx -g daemon o... 4 minutes ago Up 2 minutes 0.0.0.0:8081->80/tcp user-nginx
Make sure the container is serving content:
curl http://localhost:8081
nginx
welcome page should display:
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
Support DTV Linux
Click on each book below to review & buy on Amazon. As an Amazon Associate, I earn from qualifying purchases.
NordVPN ®: Elevate your online privacy and security. Grab our Special Offer to safeguard your data on public Wi-Fi and secure your devices. I may earn a commission on purchases made through this link.