Podman Quadlet 등록

문서의 이전 판입니다!

컨테이너를 시스템 부팅시 자동으로 실행하게 하거나 systemd를 이용하여 제어하는 경우 컨테이너 systemd 등록 방법을 이용하였으나 RHEL9 Podman 4.6 버전 이후부터는 Quadlet 사용을 권장한다.

전통적으로 podman/docker cli 명령어로 아래처럼 컨테이너를 기동한다.

test-debian:~# podman run -d --name nginx -v /data/html:/usr/share/nginx/html:ro -p 80:80 -p 443:443 docker.io/library/nginx

test-debian:~# podman ps -a
CONTAINER ID  IMAGE                           COMMAND               CREATED        STATUS            PORTS                                     NAMES
10593d057410  docker.io/library/nginx:latest  nginx -g daemon o...  3 seconds ago  Up 3 seconds ago  0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp  nginx

위 컨테이너를 systemd에 등록하기 위해서는 아래처럼 수행한다.

test-debian:~# podman generate systemd nginx > /etc/systemd/system/podman-nginx.service
test-debian:~# systemctl daemon-reload
test-debian:~# systemctl status podman-nginx.service 
○ podman-nginx.service - Podman container-10593d05741041022e1f46a19054f1a8ef71ba7a307cea3e4caa1f89ceb8edfa.service
     Loaded: loaded (/etc/systemd/system/podman-nginx.service; disabled; preset: enabled)
     Active: inactive (dead)
       Docs: man:podman-generate-systemd(1)

그러나 podman 4.6 버전 이후부터는 systemd generate를 이용하게 되면 아래와 같은 경고 문구가 나오게 된다.

[root@kvm33 ~]# podman generate systemd nginx > /etc/systemd/system/podman-nginx.service

DEPRECATED command:
It is recommended to use Quadlets for running containers and pods under systemd.

Please refer to podman-systemd.unit(5) for details.

따라서 podman 4.6버전 이후부터는 아래와 같이 Quadlet을 만들어 systemd에 등록하여 사용한다.

quadlet을 등록할 수 있는 경로는 아래와 같다.

root 사용자의 경우: /usr/share/containers/systemd/ 또는 /etc/containers/systemd/
rootless 사용자의 경우: $HOME/.config/containers/systemd/, $XDG_CONFIG_HOME/containers/systemd/, /etc/containers/systemd/users/$(UID) 또는 /etc/containers/systemd/users/

[root@kvm33 systemd]# cat > /etc/containers/systemd/nginx.container
# nginx container quadlet
[Unit]
Description=The nginx container
After=local-fs.target network.target

[Container]
# 사용할 이미지
Image=docker.io/library/nginx:latest

# 포트 바인딩 설정 (호스트의 80, 443 포트를 컨테이너의 80, 443 포트에 매핑)
PublishPort=80:80
PublishPort=443:443

# 디렉토리 마운트 설정 (호스트의 /data/html을 컨테이너의 /usr/share/nginx/html로 읽기 전용으로 마운트)
Volume=/data/html:/usr/share/nginx/html:ro

[Install]
# Start by default on boot
WantedBy=multi-user.target default.target

위와 같이 등록 후 systemctl daemon-reload를 수행하여 systemd service 를 생성한다.

[root@kvm33 systemd]# systemctl daemon-reload

[root@kvm33 systemd]# journalctl -f
Sep 27 12:14:06 kvm33 systemd[1]: Reloading.
Sep 27 12:14:06 kvm33 systemd-rc-local-generator[103106]: /etc/rc.d/rc.local is not marked executable, skipping.

만약 quadlet파일에 오류가 있는경우 아래와 같이 출력된다.

[root@kvm33 systemd]# journalctl -f
Sep 27 11:22:58 kvm33 systemd-rc-local-generator[101427]: /etc/rc.d/rc.local is not marked executable, skipping.
Sep 27 11:22:58 kvm33 systemd[101403]: /usr/lib/systemd/system-generators/podman-system-generator failed with exit status 1.
Sep 27 11:24:32 kvm33 systemd[1]: Reloading.
Sep 27 11:24:32 kvm33 quadlet-generator[101492]: converting "nginx.container": unsupported key 'Detach' in group 'Container' in /etc/containers/systemd/nginx.container
Sep 27 11:24:32 kvm33 systemd-rc-local-generator[101512]: /etc/rc.d/rc.local is not marked executable, skipping.
Sep 27 11:24:32 kvm33 systemd[101488]: /usr/lib/systemd/system-generators/podman-system-generator failed with exit status 1.
Sep 27 11:24:47 kvm33 systemd[1]: Reloading.
Sep 27 11:24:47 kvm33 quadlet-generator[101525]: converting "nginx.container": unsupported key 'RestartPolicy' in group 'Container' in /etc/containers/systemd/nginx.container
Sep 27 11:24:47 kvm33 systemd-rc-local-generator[101544]: /etc/rc.d/rc.local is not marked executable, skipping.
Sep 27 11:24:47 kvm33 systemd[101521]: /usr/lib/systemd/system-generators/podman-system-generator failed with exit status 1.

이후 서비스 기동 수행한다.

[root@kvm33 systemd]# systemctl status nginx
○ nginx.service - The nginx container
     Loaded: loaded (/etc/containers/systemd/nginx.container; generated)
     Active: inactive (dead)
[root@kvm33 systemd]# systemctl restart nginx
[root@kvm33 systemd]# systemctl status nginx
● nginx.service - The nginx container
     Loaded: loaded (/etc/containers/systemd/nginx.container; generated)
     Active: active (running) since Fri 2024-09-27 12:17:04 KST; 3s ago
   Main PID: 103363 (conmon)
      Tasks: 26 (limit: 3296240)
     Memory: 21.0M
        CPU: 165ms
     CGroup: /system.slice/nginx.service
             ├─libpod-payload-de01f8a650ae6d7e0893c6e3d399d219af3c44ebad4f73bda6615d477d210bf2
             │ ├─103365 "nginx: master process nginx -g daemon off;"
             │ ├─103394 "nginx: worker process"
             │ ├─103395 "nginx: worker process"
             │ ├─103396 "nginx: worker process"
             │ ├─103397 "nginx: worker process"
             │ ├─103398 "nginx: worker process"
             │ ├─103399 "nginx: worker process"
             │ ├─103400 "nginx: worker process"
             │ ├─103401 "nginx: worker process"
             │ ├─103402 "nginx: worker process"
             │ ├─103403 "nginx: worker process"
             │ ├─103404 "nginx: worker process"
             │ ├─103405 "nginx: worker process"
             │ ├─103406 "nginx: worker process"
             │ ├─103407 "nginx: worker process"
             │ ├─103408 "nginx: worker process"
             │ ├─103409 "nginx: worker process"
             │ ├─103410 "nginx: worker process"
             │ ├─103411 "nginx: worker process"
             │ ├─103412 "nginx: worker process"
             │ ├─103413 "nginx: worker process"
             │ ├─103414 "nginx: worker process"
             │ ├─103415 "nginx: worker process"
             │ ├─103416 "nginx: worker process"
             │ └─103417 "nginx: worker process"
             └─runtime
               └─103363 /usr/bin/conmon --api-version 1 -c de01f8a650ae6d7e0893c6e3d399d219af3c44ebad4f73bda6615d477d210bf2 -u de01f8a650ae6d7e0893c6e3d399d219af3c44ebad4f73bda6615d477d210bf2 -r /usr/bin/crun -b /var/lib/containers/storage/overlay-conta>

Sep 27 12:17:04 kvm33 systemd-nginx[103363]: 2024/09/27 03:17:04 [notice] 1#1: start worker process 38
Sep 27 12:17:04 kvm33 systemd-nginx[103363]: 2024/09/27 03:17:04 [notice] 1#1: start worker process 39
Sep 27 12:17:04 kvm33 systemd-nginx[103363]: 2024/09/27 03:17:04 [notice] 1#1: start worker process 40
Sep 27 12:17:04 kvm33 systemd-nginx[103363]: 2024/09/27 03:17:04 [notice] 1#1: start worker process 41
Sep 27 12:17:04 kvm33 systemd-nginx[103363]: 2024/09/27 03:17:04 [notice] 1#1: start worker process 42
Sep 27 12:17:04 kvm33 systemd-nginx[103363]: 2024/09/27 03:17:04 [notice] 1#1: start worker process 43
Sep 27 12:17:04 kvm33 systemd-nginx[103363]: 2024/09/27 03:17:04 [notice] 1#1: start worker process 44
Sep 27 12:17:04 kvm33 systemd-nginx[103363]: 2024/09/27 03:17:04 [notice] 1#1: start worker process 45
Sep 27 12:17:04 kvm33 systemd-nginx[103363]: 2024/09/27 03:17:04 [notice] 1#1: start worker process 46
Sep 27 12:17:04 kvm33 systemd-nginx[103363]: 2024/09/27 03:17:04 [notice] 1#1: start worker process 47
[root@kvm33 systemd]# podman ps -a
CONTAINER ID  IMAGE                           COMMAND               CREATED        STATUS        PORTS                                     NAMES
de01f8a650ae  docker.io/library/nginx:latest  nginx -g daemon o...  5 seconds ago  Up 6 seconds  0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp  systemd-nginx

https://docs.redhat.com/ko/documentation/red_hat_enterprise_linux/9/html/building_running_and_managing_containers/assembly_porting-containers-to-systemd-using-podman_building-running-and-managing-containers#auto-generating-a-systemd-unit-file-using-quadlets_assembly_porting-containers-to-systemd-using-podman

Podman Quadlet 등록

systemd generate 방식

systemd quadlet 방식

참조링크

AllThatLinux!