diff options
author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2020-01-15 18:14:11 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-01-15 18:14:11 +0100 |
commit | 974373f2b3202b93e33251dcc5b14f3274cc0796 (patch) | |
tree | 8897ebca7123e858d3babe4e13edb16cb55ce6f0 /contrib/systemd | |
parent | e025b43060e7d9841dfdc7c9bfca93c7d99241b4 (diff) | |
parent | 89678ab0edb0429adc515b7abfedb69db7323bde (diff) | |
download | podman-974373f2b3202b93e33251dcc5b14f3274cc0796.tar.gz podman-974373f2b3202b93e33251dcc5b14f3274cc0796.tar.bz2 podman-974373f2b3202b93e33251dcc5b14f3274cc0796.zip |
Merge pull request #4868 from jwhonce/wip/sshd
[CI:DOCS] Add APIv2 CLI example POC
Diffstat (limited to 'contrib/systemd')
-rw-r--r-- | contrib/systemd/README.md | 102 | ||||
-rw-r--r-- | contrib/systemd/system/podman.service | 17 | ||||
-rw-r--r-- | contrib/systemd/system/podman.socket | 10 | ||||
-rw-r--r-- | contrib/systemd/user/podman.service | 17 | ||||
-rw-r--r-- | contrib/systemd/user/podman.socket | 10 |
5 files changed, 156 insertions, 0 deletions
diff --git a/contrib/systemd/README.md b/contrib/systemd/README.md new file mode 100644 index 000000000..20f11467a --- /dev/null +++ b/contrib/systemd/README.md @@ -0,0 +1,102 @@ +# Setting up Podman service for systemd socket activation + +## system-wide (podman service run as root) + +The following unit file examples assume: + 1. copied the `service` executable into `/usr/local/bin` + 1. `chcon system_u:object_r:container_runtime_exec_t:s0 /usr/local/bin/service` + +then: + 1. copy the `podman.service` and `podman.socket` files into `/etc/systemd/system` + 1. `systemctl daemon-reload` + 1. `systemctl enable podman.socket` + 1. `systemctl start podman.socket` + 1. `systemctl status podman.socket podman.service` + +Assuming the status messages show no errors, the libpod service is ready to respond to the APIv2 on the unix domain socket `/run/podman/podman.sock` + +### podman.service +```toml +[Unit] +Description=Podman API Service +Requires=podman.socket +After=podman.socket +Documentation=man:podman-api(1) +StartLimitIntervalSec=0 + +[Service] +Type=oneshot +Environment=REGISTRIES_CONFIG_PATH=/etc/containers/registries.conf +ExecStart=/usr/local/bin/service +TimeoutStopSec=30 +KillMode=process + +[Install] +WantedBy=multi-user.target +Also=podman.socket +``` +### podman.socket + +```toml +[Unit] +Description=Podman API Socket +Documentation=man:podman-api(1) + +[Socket] +ListenStream=%t/podman/podman.sock +SocketMode=0660 + +[Install] +WantedBy=sockets.target +``` +## user (podman service run as given user aka "rootless") + +The following unit file examples assume: + 1. you have a created a directory `~/bin` + 1. copied the `service` executable into `~/bin` + 1. `chcon system_u:object_r:container_runtime_exec_t:s0 ~/bin/service` + +then: + 1. `mkdir -p ~/.config/systemd/user` + 1. copy the `podman.service` and `podman.socket` files into `~/.config/systemd/user` + 1. `systemctl --user enable podman.socket` + 1. `systemctl --user start podman.socket` + 1. `systemctl --user status podman.socket podman.service` + +Assuming the status messages show no errors, the libpod service is ready to respond to the APIv2 on the unix domain socket `/run/user/$(id -u)/podman/podman.sock` + +### podman.service + +```toml +[Unit] +Description=Podman API Service +Requires=podman.socket +After=podman.socket +Documentation=man:podman-api(1) +StartLimitIntervalSec=0 + +[Service] +Type=oneshot +Environment=REGISTRIES_CONFIG_PATH=/etc/containers/registries.conf +ExecStart=%h/bin/service +TimeoutStopSec=30 +KillMode=process + +[Install] +WantedBy=multi-user.target +Also=podman.socket +``` +### podman.socket + +```toml +[Unit] +Description=Podman API Socket +Documentation=man:podman-api(1) + +[Socket] +ListenStream=%t/podman/podman.sock +SocketMode=0660 + +[Install] +WantedBy=sockets.target +``` diff --git a/contrib/systemd/system/podman.service b/contrib/systemd/system/podman.service new file mode 100644 index 000000000..13d858627 --- /dev/null +++ b/contrib/systemd/system/podman.service @@ -0,0 +1,17 @@ +[Unit] +Description=Podman API Service +Requires=podman.socket +After=podman.socket +Documentation=man:podman-api(1) +StartLimitIntervalSec=0 + +[Service] +Type=oneshot +Environment=REGISTRIES_CONFIG_PATH=/etc/containers/registries.conf +ExecStart=/usr/local/bin/service +TimeoutStopSec=30 +KillMode=process + +[Install] +WantedBy=multi-user.target +Also=podman.socket diff --git a/contrib/systemd/system/podman.socket b/contrib/systemd/system/podman.socket new file mode 100644 index 000000000..8b22e31e4 --- /dev/null +++ b/contrib/systemd/system/podman.socket @@ -0,0 +1,10 @@ +[Unit] +Description=Podman API Socket +Documentation=man:podman-api(1) + +[Socket] +ListenStream=%t/podman/podman.sock +SocketMode=0660 + +[Install] +WantedBy=sockets.target diff --git a/contrib/systemd/user/podman.service b/contrib/systemd/user/podman.service new file mode 100644 index 000000000..81fa55cf8 --- /dev/null +++ b/contrib/systemd/user/podman.service @@ -0,0 +1,17 @@ +[Unit] +Description=Podman API Service +Requires=podman.socket +After=podman.socket +Documentation=man:podman-api(1) +StartLimitIntervalSec=0 + +[Service] +Type=oneshot +Environment=REGISTRIES_CONFIG_PATH=/etc/containers/registries.conf +ExecStart=%h/bin/service +TimeoutStopSec=30 +KillMode=process + +[Install] +WantedBy=multi-user.target +Also=podman.socket diff --git a/contrib/systemd/user/podman.socket b/contrib/systemd/user/podman.socket new file mode 100644 index 000000000..8b22e31e4 --- /dev/null +++ b/contrib/systemd/user/podman.socket @@ -0,0 +1,10 @@ +[Unit] +Description=Podman API Socket +Documentation=man:podman-api(1) + +[Socket] +ListenStream=%t/podman/podman.sock +SocketMode=0660 + +[Install] +WantedBy=sockets.target |