Photo by Geeky Shots on Unsplash
Run rootless Podman containers as systemd services
Power Up
Podman since version 4.4 has a native mechanism to start containers automatically by systemd unit files: Podman Quadlet. In this article, I guide you through preparing your system and configuring it to use Quadlets (as the container unit files are called) for your rootless Podman containers. As an example, I'll show you how to set up a reverse proxy in one container and some web services behind the proxy in other containers.
Docker and Podman
If you want to configure which Docker containers should start automatically on your Linux server, Docker Compose [1] is a widely recognized solution. However, within enterprise Linux distributions, Podman [2] has been the preferred container engine for a while. Both Red Hat Enterprise Linux and SUSE Linux Enterprise have adopted Podman, as have their associated community distributions, Fedora and openSUSE.
In contrast to Docker, Podman operates without a continuously running daemon. As a result, Podman is somewhat more lightweight and allows containers to start up faster. Moreover, Podman defaults to running rootless containers, with ordinary user instead of root privileges. SELinux integration is also standard in distributions that support it. Overall, a server running Podman is easier to secure by default than one using Docker.
Podman's compatibility with the Docker API makes it relatively straightforward to use in combination with tools developed for Docker. If you're accustomed to Docker commands, you'll find you can generally substitute the docker command with podman. For example, podman ps lists all running containers, podman images shows all downloaded container images, and podman pull nginx:alpine downloads the nginx:alpine image from one of the
Buy this article as PDF
(incl. VAT)
Buy ADMIN Magazine
US / Canada
UK / Australia
Related content
-
Integrating Podman and systemd
With the integration of Podman and systemd, you can put any software inside a container under the control of systemd and see almost no difference between running the service directly on the host or inside a container. -
Managing containers with Podman
The Podman container management tool does not use a daemon in the background, like its counterpart Docker, and can operate in non-privileged mode. -
Docker and Podman environments on Windows and Mac machines
Develop container applications on a Windows or Mac system with Docker Desktop or Podman. -
OCI containers with Podman
The Podman alternative to Docker is a daemonless container engine with a run time that executes on request in root or user mode. -
Create secure simple containers with the systemd tools Nspawnd and Portabled
Systemd comes with two functions for container management that allow many programs to run more securely through isolation.
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Most Popular
Support Our Work
ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.
