podman容器开机自启
root用户
拉取busybox镜像作测试
[root@localhost ~]# podman pull busybox
Resolved "busybox" as an alias (/etc/containers/registries.conf.d/000-shortnames.conf)
Trying to pull docker.io/library/busybox:latest...
Getting image source signatures
Copying blob 5cc84ad355aa done
Copying config beae173cca done
Writing manifest to image destination
Storing signatures
beae173ccac6ad749f76713cf4440fe3d21d1043fe616dfbe30775815d1d0f6a
[root@localhost ~]# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/library/busybox latest beae173ccac6 4 months ago 1.46 MB
#用busybox镜像创建一个测试容器
[root@localhost ~]# podman run -itd --name test docker.io/library/busybox:latest
d95c0ccd75afd32506a0236956bb6e393369ff3e2f3f2fdcf4230bc0dedd05c7
#创建容器自启动service文件
#如果希望每次启动容器都会删除旧的容器,启动一个全新的容器,则使用--new选项
[root@localhost ~]# podman generate systemd --files --name test --new
/root/container-test.service
#将生成的文件放到/usr/lib/systemd/system/目录中
[root@localhost ~]# ls
container-test.service
[root@localhost ~]# mv container-test.service /usr/lib/systemd/system
#重启让其生效
[root@localhost ~]# systemctl daemon-reload
#修改selinux
[root@localhost ~]# setenforce 0
[root@localhost ~]# vim /etc/selinux/config
SELINUX=disabled
#设置开机自启
[root@localhost ~]# systemctl enable --now container-test.service
Created symlink /etc/systemd/system/default.target.wants/container-test.service → /usr/lib/systemd/system/container-test.service.
#重启测试
[root@localhost ~]# reboot
[root@localhost ~]# systemctl status container-test.service //状态为running
● container-test.service - Podman container-test.service
Loaded: loaded (/usr/lib/systemd/system/container-test.service; enabled; vendor>
Active: active (running) since Tue 2022-05-10 16:36:45 CST; 41s ago
Docs: man:podman-generate-systemd(1)
Process: 1351 ExecStartPre=/bin/rm -f /run/container-test.service.ctr-id (code=e>
Main PID: 1713 (conmon)
Tasks: 2 (limit: 11047)
Memory: 74.9M
CGroup: /system.slice/container-test.service
└─1713 /usr/bin/conmon --api-version 1 -c 2443a45ab40f4581febb5cfbf7e7e>
[root@localhost ~]# podman ps -a //容器也是开启的
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2443a45ab40f docker.io/library/busybox:latest sh 2 minutes ago Up 2 minutes ago test
普通用户
#创建一个普通用户
[root@localhost ~]# useradd tom
[root@localhost ~]# echo "123.com" | passwd --stdin tom
更改用户 tom 的密码 。
passwd:所有的身份验证令牌已经成功更新。
[root@localhost ~]# su - tom //登录到普通用户
[tom@localhost ~]$ podman pull busybox
[tom@localhost ~]$ podman run -itd --name test docker.io/library/busybox:latest
2f78fc7cb072f0c6ca2b0a9de1fb7c261f2b5978df2f0f02a74e357c6ca5c7dc
[tom@localhost ~]$ mkdir -p .config/systemd/user //创建存放开机自启文件的目录
[tom@localhost ~]$ cd .config/systemd/user/
[tom@localhost user]$ podman generate systemd --files --name test --new //生成开机自启文件
/home/tom/.config/systemd/user/container-test.service
[tom@localhost user]$ ls
container-test.service
开启新终端测试
[root@localhost ~]# ssh tom@localhost
The authenticity of host 'localhost (::1)' can't be established.
ECDSA key fingerprint is SHA256:54jG+WErfqacJAPvYi1U9ePLwhOp9q3Hit65I3p3OuA.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts.
tom@localhost's password:
Activate the web console with: systemctl enable --now cockpit.socket
Last login: Mon May 23 11:18:05 2022
[tom@localhost ~]$ systemctl --user enable --now container-test.service
Created symlink /home/tom/.config/systemd/user/default.target.wants/container-test.service → /home/tom/.config/systemd/user/container-test.service.
#查看状态为running
[tom@localhost ~]$ systemctl --user status container-test.service
● container-test.service - Podman container-test.service
Loaded: loaded (/home/tom/.config/systemd/user/container-test.service; enabled;>
Active: active (running) since Mon 2022-05-23 11:23:08 CST; 47s ago
Docs: man:podman-generate-systemd(1)
Main PID: 113048 (conmon)
CGroup: /user.slice/user-1000.slice/user@1000.service/container-test.service
├─113044 /usr/bin/slirp4netns --disable-host-loopback --mtu=65520 --ena>
├─113048 /usr/bin/conmon --api-version 1 -c bb66170ea181bed0fcd0619aaa6>
└─bb66170ea181bed0fcd0619aaa60d0dc9768b4c29467f9034b4af46de785f32b
└─113060 sh