Using systemd to control the startup of Podman containers

Podman wasn’t designed to manage containers startup order, dependency checking or failed container recovery. In fact, this job can be done by external tools and this blog post describes how we can use the systemd initialization service to work with Podman containers.

Thanks to systemd, containers can be managed in the same way as other services on a Linux system.

By setting up a systemd unit file on the host, we can have the host automatically start, stop, check the status, and otherwise manage a container as a regular systemd service.

Let’s prepare the container (example with Redis):

podman pull docker.io/redis
sudo podman run -d --name redis -p 6379:6379 redis

Check that the container is actually running with podman ps:

CONTAINER ID   IMAGE                            COMMAND                  CREATED          STATUS             PORTS                    NAMES
411a6c6be7d8   docker.io/library/redis:latest   docker-entrypoint.s...   10 minutes ago   Up 5 minutes ago>6379/tcp   redis

Now, let’s create the systemd unit file in /etc/systemd/system/redis.service:

Description=Redis Podman container
ExecStart=/usr/bin/podman start -a redis
ExecStop=/usr/bin/podman stop -t 10 redis

Enable and start the systemd service:

sudo systemctl enable redis.service
sudo systemctl start redis.service

The container is running redis-server:

$ sudo podman top redis
redis   1     0      0.000   15m14.490268713s   ?     0s     redis-server *:6379

Check that the service is seen as active in systemd with sudo systemctl status redis:

redis.service - Redis Podman container
   Loaded: loaded (/etc/systemd/system/redis.service; enabled; vendor preset: disabled)
   Active: active (running) since Thu 2018-09-13 12:24:00 PDT; 1s ago
 Main PID: 1520 (podman)
    Tasks: 8 (limit: 4708)
   Memory: 7.8M
   CGroup: /system.slice/redis.service
           └─1520 /usr/local/bin/podman start -a redis

Sep 13 12:24:00 fedora28.localdomain systemd[1]: Started Redis Podman container.

Note that if you try to run podman stop redis, the container will be restarted by systemd because of to the “Restart=always” policy. The proper way to stop the container is to run sudo service redis stop.

An alternative to systemd for controlling containers lifecycle is to use CRI-O but this would be for another blog post :-).