Container engines such as Podman or Docker were not designed to manage system services: stopping services, start-up ordering, dependency checking, and recovery of failed services. That is most likely because init systems such as init and systemd were developed specifically to serve that purpose.
The good news is that Podman/Docker containers can now be managed in much the same way as httpd, nginx, or any other service you are used to. In other words, your host can start, stop, enable, check the status of, and generally manage a container as a systemd service, and we are going to learn how to do that in this guide.
Before we begin, another nice feature is that systemd can also start a given service installed within the container, such as Nginx, when the container starts up.
Using systemd to start containers
If you do not have podman installed, run the commands below to get up to speed:
######## CentOS /RHEL 7/8 ##########
sudo dnf -y install podman
Install podman on Ubuntu
Follow the guide below to get podman on your Ubuntu:
Now that we are sailing in the same yacht, let us begin running, starting, stopping, and checking the status of our containers using systemd.
Step 1: Pull an image if you have none already
To serve as an example, let us pull an Nginx image from the Docker registry:
$ podman pull docker.io/nginx
Check that the image is successfully pulled
$ podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
localhost/firstapache latest a0c546bc3927 23 hours ago 1.68 GB
docker.io/library/nginx latest 602e111c06b6 32 hours ago 131 MB
Step 2: Run the container using Podman
In this step, we shall run our image as a container with a name of our choosing. If you are on CentOS/RHEL and are using SELinux, you must turn on the container_manage_cgroup boolean to run containers with systemd, as follows:
sudo setsebool -P container_manage_cgroup on
After that, proceed to run the container
$ sudo podman run -d --name nginx_server -p 7070:80 nginx
384a42964b1b133d82320ebaa2f54407c7ca23d06154a5f413c8119026bda231
To confirm that the container is running, run the podman ps command:
$ sudo podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
384a42964b1b docker.io/library/nginx:latest nginx -g daemon o... 48 seconds ago Up 46 seconds ago 0.0.0.0:7070->80/tcp nginx_server
Step 3: Configure container as systemd service
We are going to create the unit configuration file in the /etc/systemd/system/ directory. To serve as an example, we are going to name it /etc/systemd/system/nginx-container.service. Populate the file with the details below, and make sure that nginx_server is the same as the name you gave your container when you ran it using podman run in step 2. If you are not sure, just run “sudo podman ps” and check the “NAMES” column.
$ sudo vim /etc/systemd/system/nginx-container.service
[Unit]
Description=Cool Nginx container
Wants=syslog.service
[Service]
Restart=always
ExecStart=/usr/bin/podman start -a nginx_server
ExecStop=/usr/bin/podman stop -t 2 nginx_server
[Install]
WantedBy=multi-user.target
And as simple as that, we are ready to manage the container just like any other service using systemd.
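Step 3 depends on the unit naming a container that actually exists, and on ExecStart and ExecStop pointing at the same one. The check below is an added example, not part of the original guide; the function names unit_target and check_unit and the demo container name other_container are hypothetical, and the name list is assumed to come from "sudo podman ps -a --format '{{.Names}}'".

```shell
#!/bin/sh
# Added example (hypothetical helper names): lint the unit file from step 3.

# unit_target FILE KEY: print the last word of the KEY= line, which for
# "podman start -a NAME" and "podman stop -t 2 NAME" is the container name.
unit_target() {
    awk -F= -v key="$2" '$1 == key { n = split($0, w, " "); name = w[n] }
                         END { print name }' "$1"
}

# check_unit FILE NAME...: NAME... are the containers that exist, e.g. from
#   sudo podman ps -a --format '{{.Names}}'
# Returns 0 if OK, 2 missing directive, 3 start/stop mismatch, 4 unknown name.
check_unit() {
    unit=$1
    shift
    start=$(unit_target "$unit" ExecStart)
    stop=$(unit_target "$unit" ExecStop)
    if [ -z "$start" ] || [ -z "$stop" ]; then
        echo "$unit: ExecStart or ExecStop is missing" >&2
        return 2
    fi
    if [ "$start" != "$stop" ]; then
        echo "$unit: starts '$start' but stops '$stop'" >&2
        return 3
    fi
    for name in "$@"; do
        if [ "$name" = "$start" ]; then
            echo "ok: $unit manages container '$start'"
            return 0
        fi
    done
    echo "$unit: no container named '$start'" >&2
    return 4
}

# Constructed demo: the [Service] lines from step 3 and a constructed name list.
demo_unit=$(mktemp)
printf '%s\n' '[Service]' 'Restart=always' \
    'ExecStart=/usr/bin/podman start -a nginx_server' \
    'ExecStop=/usr/bin/podman stop -t 2 nginx_server' > "$demo_unit"
check_unit "$demo_unit" other_container nginx_server
rm -f "$demo_unit"
```

On a real host, pass the unit path and the live name list: check_unit /etc/systemd/system/nginx-container.service $(sudo podman ps -a --format '{{.Names}}').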
Step 4: Testing that the settings work
Start the service
Run the usual systemd start command to start our service
sudo systemctl start nginx-container
Check its status
$ systemctl status nginx-container
● nginx-container.service - Cool Nginx container
Loaded: loaded (/etc/systemd/system/nginx-container.service; disabled; vendor preset: disabled)
Active: active (running) since Fri 2020-04-24 21:58:15 UTC; 9s ago
Main PID: 3910 (podman)
Tasks: 11 (limit: 11121)
Memory: 32.2M
CGroup: /system.slice/nginx-container.service
└─3910 /usr/bin/podman start -a nginx_server
If you want the container to start when the system boots up, simply enable the service as below:
$ sudo systemctl enable nginx-container
Created symlink /etc/systemd/system/local.target.wants/nginx-container.service → /etc/systemd/system/nginx-container.service.
Culmination
It is wonderful how the sailing in our yacht has been thus far and we hope you enjoyed it as much as we did. As a result, we are now able to run our containers as systemd services and the experience was great. Thank you for giving us company during the sail.