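Registering a Podman Quadlet
To start a container automatically at system boot, or to control it through systemd, the usual approach was to register the container as a systemd unit; from Podman 4.6 on RHEL 9 onward, however, Quadlet is the recommended method.
Traditionally, a container is started with the podman/docker CLI as shown below.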
test-debian:~# podman run -d --name nginx -v /data/html:/usr/share/nginx/html:ro -p 80:80 -p 443:443 docker.io/library/nginx
test-debian:~# podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
10593d057410 docker.io/library/nginx:latest nginx -g daemon o... 3 seconds ago Up 3 seconds ago 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp nginx
The systemd generate method
To register the container above with systemd, run the following.
test-debian:~# podman generate systemd nginx > /etc/systemd/system/podman-nginx.service
test-debian:~# systemctl daemon-reload
test-debian:~# systemctl status podman-nginx.service
○ podman-nginx.service - Podman container-10593d05741041022e1f46a19054f1a8ef71ba7a307cea3e4caa1f89ceb8edfa.service
Loaded: loaded (/etc/systemd/system/podman-nginx.service; disabled; preset: enabled)
Active: inactive (dead)
Docs: man:podman-generate-systemd(1)
The systemd Quadlet method
From Podman 4.6 onward, however, using systemd generate prints the following warning.
[root@kvm33 ~]# podman generate systemd nginx > /etc/systemd/system/podman-nginx.service
DEPRECATED command:
It is recommended to use Quadlets for running containers and pods under systemd.
Please refer to podman-systemd.unit(5) for details.
Therefore, from Podman 4.6 onward, create a Quadlet as shown below and register it with systemd.
A Quadlet can be placed in the following paths.
root user: /usr/share/containers/systemd/ or /etc/containers/systemd/
rootless user: $HOME/.config/containers/systemd/, $XDG_CONFIG_HOME/containers/systemd/, /etc/containers/systemd/users/$(UID) or /etc/containers/systemd/users/
[root@kvm33 systemd]# cat > /etc/containers/systemd/nginx.container
# nginx container quadlet
[Unit]
Description=The nginx container
After=local-fs.target network.target
[Container]
# Image to use
Image=docker.io/library/nginx:latest
# Port binding (maps host ports 80 and 443 to container ports 80 and 443)
PublishPort=80:80
PublishPort=443:443
# Directory mount (mounts host /data/html read-only at /usr/share/nginx/html in the container)
Volume=/data/html:/usr/share/nginx/html:ro
[Install]
# Start by default on boot
WantedBy=multi-user.target default.target
After saving the file as above, run systemctl daemon-reload to generate the systemd service.
[root@kvm33 systemd]# systemctl daemon-reload
[root@kvm33 systemd]# journalctl -f
Sep 27 12:14:06 kvm33 systemd[1]: Reloading.
Sep 27 12:14:06 kvm33 systemd-rc-local-generator[103106]: /etc/rc.d/rc.local is not marked executable, skipping.
If the Quadlet file contains an error, output like the following appears.
[root@kvm33 systemd]# journalctl -f
Sep 27 11:22:58 kvm33 systemd-rc-local-generator[101427]: /etc/rc.d/rc.local is not marked executable, skipping.
Sep 27 11:22:58 kvm33 systemd[101403]: /usr/lib/systemd/system-generators/podman-system-generator failed with exit status 1.
Sep 27 11:24:32 kvm33 systemd[1]: Reloading.
Sep 27 11:24:32 kvm33 quadlet-generator[101492]: converting "nginx.container": unsupported key 'Detach' in group 'Container' in /etc/containers/systemd/nginx.container
Sep 27 11:24:32 kvm33 systemd-rc-local-generator[101512]: /etc/rc.d/rc.local is not marked executable, skipping.
Sep 27 11:24:32 kvm33 systemd[101488]: /usr/lib/systemd/system-generators/podman-system-generator failed with exit status 1.
Sep 27 11:24:47 kvm33 systemd[1]: Reloading.
Sep 27 11:24:47 kvm33 quadlet-generator[101525]: converting "nginx.container": unsupported key 'RestartPolicy' in group 'Container' in /etc/containers/systemd/nginx.container
Sep 27 11:24:47 kvm33 systemd-rc-local-generator[101544]: /etc/rc.d/rc.local is not marked executable, skipping.
Sep 27 11:24:47 kvm33 systemd[101521]: /usr/lib/systemd/system-generators/podman-system-generator failed with exit status 1.
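The quadlet-generator messages above name the rejected key, its group and the unit file. As an added example (not part of the original post), the shell function below extracts those fields from journal text and attaches a hint for the two keys seen here; the function names quadlet_errors and sample_journal are hypothetical, and the sample lines are copied from the log above with one line repeated.

```shell
#!/bin/sh
# Added example: list the Quadlet keys that quadlet-generator rejected.
# Reads journal text on stdin; prints: <unit file> TAB [<group>] <key> TAB <hint>

quadlet_errors() {
    awk -v sq="'" '
    / quadlet-generator\[[0-9]+\]: converting ".*": unsupported key / {
        # Splitting on the single quote gives:
        #   q[2] = key, q[4] = group, q[5] = " in <unit file>"
        split($0, q, sq)
        key = q[2]; group = q[4]; file = q[5]
        sub(/^ in /, "", file)
        if (seen[file, group, key]++) next   # one row per distinct error
        hint = "not a Quadlet key; see podman-systemd.unit(5)"
        if (group == "Container" && key == "Detach")
            hint = "remove it; systemd runs the container as a service"
        if (group == "Container" && key == "RestartPolicy")
            hint = "use Restart= in the [Service] section instead"
        printf "%s\t[%s] %s\t%s\n", file, group, key, hint
    }'
}

# Constructed sample: lines copied from the journal output above, with the
# Detach error repeated as it would be after a second daemon-reload.
sample_journal() {
    cat <<'EOF'
Sep 27 11:24:32 kvm33 systemd[1]: Reloading.
Sep 27 11:24:32 kvm33 quadlet-generator[101492]: converting "nginx.container": unsupported key 'Detach' in group 'Container' in /etc/containers/systemd/nginx.container
Sep 27 11:24:32 kvm33 systemd-rc-local-generator[101512]: /etc/rc.d/rc.local is not marked executable, skipping.
Sep 27 11:24:32 kvm33 quadlet-generator[101492]: converting "nginx.container": unsupported key 'Detach' in group 'Container' in /etc/containers/systemd/nginx.container
Sep 27 11:24:47 kvm33 quadlet-generator[101525]: converting "nginx.container": unsupported key 'RestartPolicy' in group 'Container' in /etc/containers/systemd/nginx.container
Sep 27 11:24:47 kvm33 systemd[101521]: /usr/lib/systemd/system-generators/podman-system-generator failed with exit status 1.
EOF
}

sample_journal | quadlet_errors
```

On a live host the same function can read `journalctl -b -t quadlet-generator` instead of the sample.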
Then start the service.
[root@kvm33 systemd]# systemctl status nginx
○ nginx.service - The nginx container
Loaded: loaded (/etc/containers/systemd/nginx.container; generated)
Active: inactive (dead)
[root@kvm33 systemd]# systemctl restart nginx
[root@kvm33 systemd]# systemctl status nginx
● nginx.service - The nginx container
Loaded: loaded (/etc/containers/systemd/nginx.container; generated)
Active: active (running) since Fri 2024-09-27 12:17:04 KST; 3s ago
Main PID: 103363 (conmon)
Tasks: 26 (limit: 3296240)
Memory: 21.0M
CPU: 165ms
CGroup: /system.slice/nginx.service
├─libpod-payload-de01f8a650ae6d7e0893c6e3d399d219af3c44ebad4f73bda6615d477d210bf2
│ ├─103365 "nginx: master process nginx -g daemon off;"
│ ├─103394 "nginx: worker process"
│ ├─103395 "nginx: worker process"
│ ├─103396 "nginx: worker process"
│ ├─103397 "nginx: worker process"
│ ├─103398 "nginx: worker process"
│ ├─103399 "nginx: worker process"
│ ├─103400 "nginx: worker process"
│ ├─103401 "nginx: worker process"
│ ├─103402 "nginx: worker process"
│ ├─103403 "nginx: worker process"
│ ├─103404 "nginx: worker process"
│ ├─103405 "nginx: worker process"
│ ├─103406 "nginx: worker process"
│ ├─103407 "nginx: worker process"
│ ├─103408 "nginx: worker process"
│ ├─103409 "nginx: worker process"
│ ├─103410 "nginx: worker process"
│ ├─103411 "nginx: worker process"
│ ├─103412 "nginx: worker process"
│ ├─103413 "nginx: worker process"
│ ├─103414 "nginx: worker process"
│ ├─103415 "nginx: worker process"
│ ├─103416 "nginx: worker process"
│ └─103417 "nginx: worker process"
└─runtime
└─103363 /usr/bin/conmon --api-version 1 -c de01f8a650ae6d7e0893c6e3d399d219af3c44ebad4f73bda6615d477d210bf2 -u de01f8a650ae6d7e0893c6e3d399d219af3c44ebad4f73bda6615d477d210bf2 -r /usr/bin/crun -b /var/lib/containers/storage/overlay-conta>
Sep 27 12:17:04 kvm33 systemd-nginx[103363]: 2024/09/27 03:17:04 [notice] 1#1: start worker process 38
Sep 27 12:17:04 kvm33 systemd-nginx[103363]: 2024/09/27 03:17:04 [notice] 1#1: start worker process 39
Sep 27 12:17:04 kvm33 systemd-nginx[103363]: 2024/09/27 03:17:04 [notice] 1#1: start worker process 40
Sep 27 12:17:04 kvm33 systemd-nginx[103363]: 2024/09/27 03:17:04 [notice] 1#1: start worker process 41
Sep 27 12:17:04 kvm33 systemd-nginx[103363]: 2024/09/27 03:17:04 [notice] 1#1: start worker process 42
Sep 27 12:17:04 kvm33 systemd-nginx[103363]: 2024/09/27 03:17:04 [notice] 1#1: start worker process 43
Sep 27 12:17:04 kvm33 systemd-nginx[103363]: 2024/09/27 03:17:04 [notice] 1#1: start worker process 44
Sep 27 12:17:04 kvm33 systemd-nginx[103363]: 2024/09/27 03:17:04 [notice] 1#1: start worker process 45
Sep 27 12:17:04 kvm33 systemd-nginx[103363]: 2024/09/27 03:17:04 [notice] 1#1: start worker process 46
Sep 27 12:17:04 kvm33 systemd-nginx[103363]: 2024/09/27 03:17:04 [notice] 1#1: start worker process 47
[root@kvm33 systemd]# podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
de01f8a650ae docker.io/library/nginx:latest nginx -g daemon o... 5 seconds ago Up 6 seconds 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp systemd-nginx