Auto start container
方式: Add the container to systemd
原因" Podman uses the standard fork/exec model
Step1. Start CT
./start-ct.sh
podman ps # 查看 container 是否成功運行
Step2. 建立 .service file
podman generate systemd \
--new --name CT_NAME > CT_NAME.service
"--new"
Using this flag will yield unit files that do not expect containers and pods to exist.
Instead, new containers are created based on their configuration files.
"--new" only works on containers and pods created directly via Podman.
It does not work on containers or pods created via the REST API or via podman kube play.
i.e.
/etc/systemd/system/nginx.service
[Service] Restart=on-failure ExecStart=/usr/bin/podman run \ --cidfile=%t/%n.ctr-id \ --cgroups=no-conmon \ --rm \ --sdnotify=conmon \ --replace \ -dit \ --privileged \ --volume /sys/fs/cgroup:/sys/fs/cgroup:ro \ ... ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id Type=notify NotifyAccess=all
no "--new"
ExecStart=/usr/bin/podman start nginx ExecStop=/usr/bin/podman stop -t 10 nginx ExecStopPost=/usr/bin/podman stop -t 10 nginx
Step3. Enable autostart
mv nginx.service /etc/systemd/system/
Check
systemctl list-unit-files | grep nginx
nginx.service disabled
systemctl enable nginx --now
systemctl status nginx
● nginx.service - Podman container-nginx.service Loaded: loaded (/etc/systemd/system/nginx.service; enabled; vendor preset: disabled) Active: active (running) since Wed 2022-10-26 13:27:16 HKT; 5s ago
Stop Container
If you try to run "podman stop nginx",
=> the container will be restarted by systemd because of to the “Restart=on-failure” policy.
More info: systemd restart
systemctl stop nginx
Auto start rootless container
* Steps 詳見上一段
Step1. Start CT
CT=openai-proxy
./start_docker.sh
#!/bin/bash name=openai-proxy image=openai-proxy:v3 base=/home/vhosts/openai-proxy code=$base/code port=4431 #### Code podman run --name $name -dit \ --privileged \ --volume /sys/fs/cgroup:/sys/fs/cgroup:ro \ --cap-add=AUDIT_WRITE \ --hostname $name \ -v $code:/home/code \ -p $port:$port \ $image
Step2. 建立 .service file
podman generate systemd --new --name $CT > ${CT}.service
mkdir ~/.config/systemd/user/ -p
mv ${CT}.service ~/.config/systemd/user/
Step3.
# To relaod systemd a non-root user
systemctl --user daemon-reload
# enable a systemd service for a non-root user
systemctl --user enable $CT --now
Created symlink /home/openai-proxy/.config/systemd/user/default.target.wants/openai-proxy.service → /home/openai-proxy/.config/systemd/user/openai-proxy.service.
# Check status
podman ps | grep $CT # 查看是否 start 了
systemctl --user status $CT
Step4. rootless 才須要此步驟
loginctl enable-linger openai-proxy
詳見: loginctl