Is there a possibility to change container restart policy using podman? We can set policy during creating container podman run --restart always, but how to change it when the container is created?
Using docker we have docker update command which allows us to do so. Unfortunately there is no podman update command. Can it be done? Or do I need to create a new container?
when using podman you should create a systemd service that will manage podman container.
create systemd file "/etc/systemd/system/containername.service"
[Unit]
Description=your container
[Service]
Restart=always
ExecStart=/usr/bin/podman start -a containername
ExecStop=/usr/bin/podman stop -t 2 containername
[Install]
WantedBy=local.target
run command:
systemctl daemon-reload
enable service to start at boot
systemctl enable containername.service
restart service
systemctl restart containername.service
You can also add some other restart systemd parameters like:
RestartSec (Configures the time to sleep before restarting a service), StartLimitInterval (seconds service is it not permitted to start any more), StartLimitBurst
for more details check man pages: "man systemd.service"
Related
On a Virtual Maching running on Centos7, using root privileges, I want to create a service to launch a Python (Python 3.9) webservice and restart it every hour.
Here's what i did:
creating a directory /etc/systemd/system/dlweb_doc_webservice.service.d
creating a file dlweb_db_generate_report.service like this
[Unit]
Description=dlweb_db_generate_report_webservice
After=network-online.target
Wants=network-online.target systemd-networkd-wait-online.service
[Service]
Type = simple
ExecStart=/usr/local/bin/python3.9 /opt/scripts/dlweb_db_generate_report_webservice/dlweb_db_generate_report.py
Restart=on-failure
RestartSec=5s
StartLimitIntervalSec=3600
StartLimitBurst=5
[Install]
WantedBy=multi-user.target
running systemctl daemon-reload
running systemctl --type=service --all doesn't display my service
and
running systemctl enable dlweb_db_generate_report_webservice returned a Failed to execute operation: No such file or directory
What did i miss or do wrong?
I just downloaded jbpm server from JBPM.
it starts by running "jbpm-server/bin/standalone.sh" this. But i want to start jbpm as ubuntu's service like---> systemctl start jbpm.
can anyone provide me details to create startup script for this.
You should create a file in your systemd directory, for example /etc/systemd/system/change_me.service and fill it with a basic setup like:
[Unit]
Description=Your service's description
[Service]
ExecStart=/path/to/executable.sh
[Install]
WantedBy=multi-user.target
Then you should reload your systemd configuration in order to update it with the new service via
sudo systemctl daemon-reload
And then start it
sudo systemctl start change_me
If you want a more granular control over your systemd's service file you should read the man page via:
man systemd.service
I have a DO droplet running Ubuntu 16.04.1x64 and I'm trying to run IPFS as a systemd service. I've gone ahead and created a user "connor" and installed IPFS following the instructions here. I'm storing the service as "ipfs.service" in ~/.config/systemd/user/ipfs.service which looks like this:
[Unit]
Description=IPFS Daemon
[Service]
Type=simple
ExecStart=/usr/local/bin/ipfs daemon
ExecStop=/usr/bin/pkill ipfs
Restart=always
User=Connor
[Install]
WantedBy=default.target
What's odd is that if I run systemctl --user start ipfs it starts up just fine. However, running systemctl --user daemon-reload and then
systemctl --user enable ipfs I get the error:
Failed to execute operation: No such file or directory
However, if I run systemctl enable /home/connor/.config/systemd/user/ipfs.service -f it runs just fine. I can reboot and run IPFS commands just fine. I'd like to run it as a user though, and would also like to understand what I'm doing wrong.
Please, check that you are executing the commands with connor user, you may run whoami to see the user executing the command. (running the command with sudo changes the user to root)
In addition, I see that the user in the service file is capitalized (Connor instead of connor), this could bring other problems, and it is not needed, as a simple configuration like the one proposed by Arch Linux wiki works for user daemons.
Please find bellow the configuration I used for my ipfs daemon, (without User= and with a different Restart=, since Restart=always gave me problems while starting the daemon):
[Unit]
Description=IPFS daemon
After=network.target
[Service]
ExecStart=/usr/local/bin/ipfs daemon
Restart=on-failure
[Install]
WantedBy=default.target
I'm starting to work with docker to automate envorinments, then I'm trying to build a simple LAMP so the Dockerfile is the following:
FROM centos:7
ENV container=docker
RUN yum -y swap -- remove systemd-container systemd-container-libs -- install systemd systemd-libs
RUN yum -y update; yum clean all; \
(cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \
rm -f /lib/systemd/system/multi-user.target.wants/*;\
rm -f /etc/systemd/system/*.wants/*;\
rm -f /lib/systemd/system/local-fs.target.wants/*; \
rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
rm -f /lib/systemd/system/basic.target.wants/*;\
rm -f /lib/systemd/system/anaconda.target.wants/*;
VOLUME [ "/sys/fs/cgroup" ]
RUN yum -y update && yum clean all
RUN yum -y install firewalld httpd mariadb-server mariadb php php-mysql php-gd php-pear php-xml php-bcmath php-mbstring php-mcrypt php-php-gettext
#Enable services
RUN systemctl enable httpd.service
RUN systemctl enable mariadb.service
#start services
RUN systemctl start httpd.service
RUN systemctl start mariadb.service
#Open firewall ports
RUN firewall-cmd --permanent --add-service=http
RUN firewall-cmd --permanent --add-service=https
RUN firewall-cmd --reload
EXPOSE 80
CMD ["/usr/sbin/init"]
so when I build the image
docker build -t myimage .
Then when I run the code I get the following mistake:
The command '/bin/sh -c systemctl start httpd.service' returned a non-zero code: 1
When I enter to interactive mode(jumping the commands after RUN systemctl start httpd.service and rebuidling the image):
docker run -t -i myimage /bin/bash
And after try to start manually the service httpd I get the following mistake:
Failed to get D-Bus connection: No connection to service manager.
so, I don't know what am I doing wrong?
First of all, welcome to Docker! :-) Loads of Docker tutorials and docs are written around Ubuntu containers, but I like Centos too.
Ok, there are a couple of things to talk about here:
You're running up against a known issue with systemd-based Docker containers where they seem to need extra privileges to run, and even then lots of extra config is required to get them working. The Red Hat team are experimenting with some fixes (mentioned in comments) but not sure where that's at.
If you wish to try getting it working, these are the best instructions I've found, but I've played with this several times in the last couple of weeks and not got it working yet.
What people might say is "the real issue" here is that a Docker container should not be thought of as a "mini Virtual Machine". Docker is designed to run one "root" process per container, and the container system makes it easy to compose multiple containers together - they are small on disk, light on memory usage and easy to network together.
Here's a blog post from Docker which gives some background on this. There's also the "Docker Fundamentals" docs on Dockerizing applications and Working with containers.
So arguably the best way to proceed with the setup you're attempting to create here (though it might sound more complicated at the beginning) is to break your "stack" up into the services you need, and then use a tool like docker-compose (introduction, documentation) to create single-purpose Docker containers as required.
In your case above, you have two services, a web server and a database server. Therefore two Docker containers should work well, connected together by the database network connection. Here are some examples:
example with Symfony app, nginx and MariaDB
example with MariaDB + NodeJS
If you run one service per Docker container, you don't need to use systemd to manage them, as the Docker daemon manages each container sort of like it is a Unix process. When the process dies, the Docker container dies, and this is important because the Docker server monitors containers and can restart them automatically, or notify you.
This looks more like a perfect example where my docker-systemctl-replacement would fit into. It can easily interpret "systemctl start httpd.service" without an active SystemD around. I have done the same for some database services but not specifically the mariadb.service - may be you could give it a try.
I'm having trouble getting a Docker container to stay up when it's started by systemd. When I start it manually with sudo docker start containername, it stays up without trouble, but when it's started via systemd with sudo systemctl start containername, it stays up for 10 seconds then mysteriously dies, leaving messages in syslog something like the following:
Mar 13 14:01:09 hostname docker[329]: time="2015-03-13T14:01:09Z" level="info" msg="POST /v1.17/containers/containername/stop?t=10"
Mar 13 14:01:09 hostname docker[329]: time="2015-03-13T14:01:09Z" level="info" msg="+job stop(containername)"
I am making the assumption that it's systemd killing the process, but I can't work out why it might be happening. The systemd unit file (/etc/systemd/system/containername.service) is pretty simple, as follows:
[Unit]
Description=MyContainer
After=docker.service
Requires=docker.service
[Service]
ExecStart=/usr/bin/docker start containername
ExecStop=/usr/bin/docker stop containername
[Install]
WantedBy=multi-user.target
Docker starts fine on boot, and it looks like it does even start the docker container, but no matter if on boot or manually, it then quits after exactly 10 seconds. Help gratefully received!
Solution: The start command seems to need the -a (attach) parameter as described in the documentation when used in a systemd script. I assume this is because it by default forks to the background, although the systemd expect daemon feature doesn't appear to fix the issue.
from the docker-start manpage:
-a, --attach=true|false
Attach container's STDOUT and STDERR and forward all signals to the process. The default is false.
The whole systemd script then becomes:
[Unit]
Description=MyContainer
After=docker.service
Requires=docker.service
[Service]
ExecStart=/usr/bin/docker start -a containername
ExecStop=/usr/bin/docker stop containername
[Install]
WantedBy=multi-user.target