diff options
author | Mathieu Velten <matmaul@gmail.com> | 2019-09-03 00:17:59 +0200 |
---|---|---|
committer | Mathieu Velten <matmaul@gmail.com> | 2019-09-03 00:33:33 +0200 |
commit | bb900be87facebaf51f23172fd7b518bd91077f2 (patch) | |
tree | a5d35f77b9e759597d4f32e1a95b1ffb6fca6a90 /docs/tutorials/rootless_tutorial.md | |
parent | 099549bd38c2b39fb884c8e9aecdf4e44c90b484 (diff) | |
download | podman-bb900be87facebaf51f23172fd7b518bd91077f2.tar.gz podman-bb900be87facebaf51f23172fd7b518bd91077f2.tar.bz2 podman-bb900be87facebaf51f23172fd7b518bd91077f2.zip |
rootless.md: add systemd unit example
Signed-off-by: Mathieu Velten <matmaul@gmail.com>
Diffstat (limited to 'docs/tutorials/rootless_tutorial.md')
-rw-r--r-- | docs/tutorials/rootless_tutorial.md | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/docs/tutorials/rootless_tutorial.md b/docs/tutorials/rootless_tutorial.md index 92595dd02..91962fead 100644 --- a/docs/tutorials/rootless_tutorial.md +++ b/docs/tutorials/rootless_tutorial.md @@ -80,6 +80,36 @@ The Podman configuration files for root reside in /usr/share/containers with ove The default authorization file used by the `podman login` and `podman logout` commands reside in ${XDG\_RUNTIME\_DIR}/containers/auth.json. +## Systemd unit for rootless container + +``` +[Unit] +Description=nginx +Requires=user@1001.service +After=user@1001.service + +[Service] +Type=simple +KillMode=none +MemoryMax=200M +ExecStartPre=-/usr/bin/podman rm -f nginx +ExecStartPre=/usr/bin/podman pull nginx +ExecStart=/usr/bin/podman run --name=nginx -p 8080:80 -v /home/nginx/html:/usr/share/nginx/html:Z nginx +ExecStop=/usr/bin/podman stop nginx +Restart=always +User=nginx +Group=nginx + +[Install] +WantedBy=multi-user.target +``` + +This example unit will launch a nginx container using the existing user nginx with id 1001, serving static content from /home/nginx/html and limited to 200MB of RAM. + +You can use all the usual systemd flags to control the process, including capabilities and cgroup directives to limit memory or CPU. + +See #3866 for more details. + ## More information If you are still experiencing problems running Podman in a rootless environment, please refer to the [Shortcomings of Rootless Podman](https://github.com/containers/libpod/blob/master/rootless.md) page which lists known issues and solutions to known issues in this environment. |