podman的版本要在1.9.3以上才支持容器自启动
podman容器自启动需要被systemd接管

创建一个容器

podman run --name web -dti httpd

# 查看podman的进程
[cesu-c8 root ~]# ps -axu|grep podman

podman容器自启动_容器

使用generate创建自启动服务格式


创建kube格式的自启动文件

[cesu-c8 root ~]# podman generate kube web
# Generation of Kubernetes YAML is still under development!
#
# Save the output of this file and use kubectl create -f to import
# it into Kubernetes.
#
# Created with podman-3.2.3
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: "2021-11-02T08:58:31Z"
  labels:
    app: web
  name: web
spec:
  containers:
  - command:
    - /bin/bash
    env:
    - name: PATH
      value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
    - name: TERM
      value: xterm
    - name: container
      value: podman
    image: docker.io/library/centos:latest
    name: web
    resources: {}
    securityContext:
      allowPrivilegeEscalation: true
      capabilities:
        drop:
        - CAP_MKNOD
        - CAP_AUDIT_WRITE
      privileged: false
      readOnlyRootFilesystem: false
      seLinuxOptions: {}
    stdin: true
    tty: true
    volumeMounts:
    - mountPath: /web
      name: vol1-pvc
    workingDir: /
  dnsConfig: {}
  volumes:
  - name: vol1-pvc
    persistentVolumeClaim:
      claimName: vol1
status: {}

创建systemd格式的自启动文件

只是停止容器和启动容器的作用

# podman generate systemd --restart-policy 总是自动重启 -t 超时时间(秒) -n -f 容器名
## --restart-policy 表示重启策略
## -t 超时时间(秒)
## -n 表示使用容器名来代替容器id
## -f 表示生成服务文件
podman generate systemd --restart-policy always -t 1 -n -f web

# 简单写法,默认--restart-policy=on-failure
podman generate systemd -n -f web

# 会在当前目录生成一个container-容器名.service文件
[cesu-c8 root ~]# ls |grep *.service
container-web.service

(推荐)设置容器开机自启,且每次启动都删除旧容器启动新容器

–new参数,每次启动容器都会删除旧的容器,启动一个全新的容器
stop 会删除容器
start 会重新创建容器
缺点:如果容器很大,系统IO低,启动会很慢

# --new参数,每次启动都删除旧容器,启动一个新容器
podman generate systemd -n --new -f web

# 每次都启动新容器方式创建servcie
[cesu-c8 root ~]# podman generate systemd -n --new -f web
/root/container-web.service

# 查看servcice内容
## 里面有每次启动都会删除旧容器,ExecStartPre=/bin/rm -f %t/container-web.pid %t/container-web.ctr-id

[cesu-c8 root ~]# cat container-web.service 
# container-web.service
# autogenerated by Podman 3.2.3
# Tue Nov  2 17:57:52 CST 2021

[Unit]
Description=Podman container-web.service
Documentation=man:podman-generate-systemd(1)
Wants=network.target
After=network-online.target
RequiresMountsFor=%t/containers

[Service]
Environment=PODMAN_SYSTEMD_UNIT=%n
Restart=on-failure
TimeoutStopSec=70
ExecStartPre=/bin/rm -f %t/container-web.pid %t/container-web.ctr-id
ExecStart=/usr/bin/podman run --conmon-pidfile %t/container-web.pid --cidfile %t/container-web.ctr-id --cgroups=no-conmon --replace --name web -dti -v vol1:/web centos
ExecStop=/usr/bin/podman stop --ignore --cidfile %t/container-web.ctr-id -t 10
ExecStopPost=/usr/bin/podman rm --ignore -f --cidfile %t/container-web.ctr-id
PIDFile=%t/container-web.pid
Type=forking

[Install]
WantedBy=multi-user.target default.target

将service文件放到/etc/systemd/system/目录下

mv container-web.service /etc/systemd/system/

刷新systemd配置文件

systemctl daemon-reload

重新给容器自启动service文件的SELinux标记

如果开启了SELinux,需要对servcie文件冲亲打标记,否则无法启动

# 容器自启动的service文件的SELinux默认不是systemd_unit_file_t
# 需要给重新对该文件打SELinux标记
restorecon -RvF container-web.service
 
# 查看SELinux标记是否生效
ls -laZ container-web.service

systemctl设置容器service文件自启动

# 设置容器自启动并现在启动
[cesu-c8 root /etc/systemd/system]# systemctl enable container-web.service --now

# 查看容器service状态
[cesu-c8 root /etc/systemd/system]# systemctl status container-web.service 
● container-web.service - Podman container-web.service
   Loaded: loaded (/etc/systemd/system/container-web.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2021-11-02 17:25:41 CST; 3s ago
     Docs: man:podman-generate-systemd(1)
  Process: 31853 ExecStart=/usr/bin/podman start web (code=exited, status=0/SUCCESS)
 Main PID: 31912 (conmon)
    Tasks: 2 (limit: 4632)
   Memory: 1.2M
   CGroup: /system.slice/container-web.service
           └─31912 /usr/bin/conmon --api-version 1 -c 67853d8e627f5901d918f2b25f9183d1c837bd3685f0d0bba76d760ea5f874e7 -u 67853d8e62>

Nov 02 17:25:41 cesu-c8 systemd[1]: Starting Podman container-web.service...

重启测试容器是否自启动

# reboot

# 重启完成后podman查看容器是否在运行
[cesu-c8 root ~]# podman ps
CONTAINER ID  IMAGE                            COMMAND     CREATED            STATUS            PORTS       NAMES
67853d8e627f  docker.io/library/centos:latest  /bin/bash   About an hour ago  Up 6 minutes ago              web

# sysytemctl查看服务是否在运行
[cesu-c8 root ~]# systemctl status container-web.service 
● container-web.service - Podman container-web.service
   Loaded: loaded (/etc/systemd/system/container-web.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2021-11-02 17:30:04 CST; 6min ago
     Docs: man:podman-generate-systemd(1)
  Process: 1246 ExecStart=/usr/bin/podman start web (code=exited, status=0/SUCCESS)
 Main PID: 1382 (conmon)
    Tasks: 2 (limit: 4632)
   Memory: 75.1M
   CGroup: /system.slice/container-web.service
           └─1382 /usr/bin/conmon --api-version 1 -c 67853d8e627f5901d918f2b25f9183d1c837bd3685f0d0bba76d760ea5f874e7 -u 67853d8e627f5901d918f2b25f9183d1c837bd3685f0d0bba76d760ea5f874e7 -r /usr/bin/runc >

Nov 02 17:30:03 cesu-c8 systemd[1]: Starting Podman container-web.service...
Nov 02 17:30:04 cesu-c8 podman[1246]: web
Nov 02 17:30:04 cesu-c8 systemd[1]: Started Podman container-web.service.