summaryrefslogtreecommitdiff
path: root/contrib/systemd
diff options
context:
space:
mode:
authorOpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com>2020-01-15 18:14:11 +0100
committerGitHub <noreply@github.com>2020-01-15 18:14:11 +0100
commit974373f2b3202b93e33251dcc5b14f3274cc0796 (patch)
tree8897ebca7123e858d3babe4e13edb16cb55ce6f0 /contrib/systemd
parente025b43060e7d9841dfdc7c9bfca93c7d99241b4 (diff)
parent89678ab0edb0429adc515b7abfedb69db7323bde (diff)
downloadpodman-974373f2b3202b93e33251dcc5b14f3274cc0796.tar.gz
podman-974373f2b3202b93e33251dcc5b14f3274cc0796.tar.bz2
podman-974373f2b3202b93e33251dcc5b14f3274cc0796.zip
Merge pull request #4868 from jwhonce/wip/sshd
[CI:DOCS] Add APIv2 CLI example POC
Diffstat (limited to 'contrib/systemd')
-rw-r--r--contrib/systemd/README.md102
-rw-r--r--contrib/systemd/system/podman.service17
-rw-r--r--contrib/systemd/system/podman.socket10
-rw-r--r--contrib/systemd/user/podman.service17
-rw-r--r--contrib/systemd/user/podman.socket10
5 files changed, 156 insertions, 0 deletions
diff --git a/contrib/systemd/README.md b/contrib/systemd/README.md
new file mode 100644
index 000000000..20f11467a
--- /dev/null
+++ b/contrib/systemd/README.md
@@ -0,0 +1,102 @@
+# Setting up Podman service for systemd socket activation
+
+## system-wide (podman service run as root)
+
+The following unit file examples assume:
+ 1. copied the `service` executable into `/usr/local/bin`
+ 1. `chcon system_u:object_r:container_runtime_exec_t:s0 /usr/local/bin/service`
+
+then:
+ 1. copy the `podman.service` and `podman.socket` files into `/etc/systemd/system`
+ 1. `systemctl daemon-reload`
+ 1. `systemctl enable podman.socket`
+ 1. `systemctl start podman.socket`
+ 1. `systemctl status podman.socket podman.service`
+
+Assuming the status messages show no errors, the libpod service is ready to respond to the APIv2 on the unix domain socket `/run/podman/podman.sock`
+
+### podman.service
+```toml
+[Unit]
+Description=Podman API Service
+Requires=podman.socket
+After=podman.socket
+Documentation=man:podman-api(1)
+StartLimitIntervalSec=0
+
+[Service]
+Type=oneshot
+Environment=REGISTRIES_CONFIG_PATH=/etc/containers/registries.conf
+ExecStart=/usr/local/bin/service
+TimeoutStopSec=30
+KillMode=process
+
+[Install]
+WantedBy=multi-user.target
+Also=podman.socket
+```
+### podman.socket
+
+```toml
+[Unit]
+Description=Podman API Socket
+Documentation=man:podman-api(1)
+
+[Socket]
+ListenStream=%t/podman/podman.sock
+SocketMode=0660
+
+[Install]
+WantedBy=sockets.target
+```
+## user (podman service run as given user aka "rootless")
+
+The following unit file examples assume:
+ 1. you have a created a directory `~/bin`
+ 1. copied the `service` executable into `~/bin`
+ 1. `chcon system_u:object_r:container_runtime_exec_t:s0 ~/bin/service`
+
+then:
+ 1. `mkdir -p ~/.config/systemd/user`
+ 1. copy the `podman.service` and `podman.socket` files into `~/.config/systemd/user`
+ 1. `systemctl --user enable podman.socket`
+ 1. `systemctl --user start podman.socket`
+ 1. `systemctl --user status podman.socket podman.service`
+
+Assuming the status messages show no errors, the libpod service is ready to respond to the APIv2 on the unix domain socket `/run/user/$(id -u)/podman/podman.sock`
+
+### podman.service
+
+```toml
+[Unit]
+Description=Podman API Service
+Requires=podman.socket
+After=podman.socket
+Documentation=man:podman-api(1)
+StartLimitIntervalSec=0
+
+[Service]
+Type=oneshot
+Environment=REGISTRIES_CONFIG_PATH=/etc/containers/registries.conf
+ExecStart=%h/bin/service
+TimeoutStopSec=30
+KillMode=process
+
+[Install]
+WantedBy=multi-user.target
+Also=podman.socket
+```
+### podman.socket
+
+```toml
+[Unit]
+Description=Podman API Socket
+Documentation=man:podman-api(1)
+
+[Socket]
+ListenStream=%t/podman/podman.sock
+SocketMode=0660
+
+[Install]
+WantedBy=sockets.target
+```
diff --git a/contrib/systemd/system/podman.service b/contrib/systemd/system/podman.service
new file mode 100644
index 000000000..13d858627
--- /dev/null
+++ b/contrib/systemd/system/podman.service
@@ -0,0 +1,17 @@
+[Unit]
+Description=Podman API Service
+Requires=podman.socket
+After=podman.socket
+Documentation=man:podman-api(1)
+StartLimitIntervalSec=0
+
+[Service]
+Type=oneshot
+Environment=REGISTRIES_CONFIG_PATH=/etc/containers/registries.conf
+ExecStart=/usr/local/bin/service
+TimeoutStopSec=30
+KillMode=process
+
+[Install]
+WantedBy=multi-user.target
+Also=podman.socket
diff --git a/contrib/systemd/system/podman.socket b/contrib/systemd/system/podman.socket
new file mode 100644
index 000000000..8b22e31e4
--- /dev/null
+++ b/contrib/systemd/system/podman.socket
@@ -0,0 +1,10 @@
+[Unit]
+Description=Podman API Socket
+Documentation=man:podman-api(1)
+
+[Socket]
+ListenStream=%t/podman/podman.sock
+SocketMode=0660
+
+[Install]
+WantedBy=sockets.target
diff --git a/contrib/systemd/user/podman.service b/contrib/systemd/user/podman.service
new file mode 100644
index 000000000..81fa55cf8
--- /dev/null
+++ b/contrib/systemd/user/podman.service
@@ -0,0 +1,17 @@
+[Unit]
+Description=Podman API Service
+Requires=podman.socket
+After=podman.socket
+Documentation=man:podman-api(1)
+StartLimitIntervalSec=0
+
+[Service]
+Type=oneshot
+Environment=REGISTRIES_CONFIG_PATH=/etc/containers/registries.conf
+ExecStart=%h/bin/service
+TimeoutStopSec=30
+KillMode=process
+
+[Install]
+WantedBy=multi-user.target
+Also=podman.socket
diff --git a/contrib/systemd/user/podman.socket b/contrib/systemd/user/podman.socket
new file mode 100644
index 000000000..8b22e31e4
--- /dev/null
+++ b/contrib/systemd/user/podman.socket
@@ -0,0 +1,10 @@
+[Unit]
+Description=Podman API Socket
+Documentation=man:podman-api(1)
+
+[Socket]
+ListenStream=%t/podman/podman.sock
+SocketMode=0660
+
+[Install]
+WantedBy=sockets.target