More and more applications have manuals telling you to preferably run it within a docker container. But if you want an application to follow the system runlevels of the Linux operating system that your docker container is running on and be controllable with commands like 'sudo service myservice start' and 'systemctl enable myservice' then it is much easier to make it a systemd service. Running it without docker can be cumbersome. I could narrow this question to Java Spring Boot Applications because that's my main use case for the applications I write myself, but I would rather come to a more generic approach to do this in a way that it is:
- easy to configure
- survives reboots gracefully
- keeps most or all the advantages of systemd control
Of course there will be reasons why I should not want this approach and I can guess some of the responses that will follow. I am interested in that. Things should be as simple as possible, but not simpler (Einstein something). But describing a simple approach that will work could benefit the Linux and Docker community.
In response to some earlier answers below (thanks for the valuable feedback!): I prefer to control all individual applications on my operating system by one means of control. By default that would be systemd because that's the default of the operating system for that. I know using a container is a bit of a different paradigm than running it on the OS itself, but I don't really know what rule I would be breaking if I would create a systemd service like 'homeassistant-container', that controls starting and stopping a docker container with (in this case) 'homeassistant' as an application within that container.
For example: you want to install redis containerized, but start/stoppable as a systemd service:
Install podman:
sudo apt install podman
Get the container from docker.io you want to run as a service. In this example: redis
sudo podman pull docker.io/redis
Run the image as a container. In this case, we also expose Redis's default port (6379) on the host itself with the same port number with the option -p 6379:6379:
sudo podman run -d --name redis_server -p 6379:6379 redis
Generate a systemd file with podman:
sudo podman generate systemd --new --name --files redis_server
Start this service by default at each boot:
sudo systemctl enable container-redis_server.service
Start the service:
sudo systemctl start container-redis_server.service
Check the status of the service:
sudo systemctl status container-redis_server.service
The output will look something like:
As #muru described in his comments, 'Podman' turns out to be suited to solve this problem. I added the priceless remark about 'podman generate systemd' from #user68186. Using podman quadlets might even be better. I will research on that option later.
The solution above was heavily inspired by the link below, just leaving out the SELinux bit, because SELinux is not common to Ubuntu.
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux_atomic_host/7/html/managing_containers/running_containers_as_systemd_services_with_podman
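The '-p 6379:6379' mapping in the steps above carries no host address, so the port is published on every interface of the host. The check below is an added example, not part of the original answer: it scans a generated unit file for such mappings and, going beyond the answer, also reads the PublishPort= key of a Quadlet .container file. The function name wide_open_ports and the sample unit are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the answers): report ports that a podman-generated
# systemd unit or a Quadlet .container file publishes on all host interfaces.

# wide_open_ports FILE -> prints offending publish specs; returns 1 if any.
wide_open_ports() {
    awk '
    function flag(spec) { print spec; bad = 1 }
    function check(spec,   s, n, f) {
        s = spec
        sub(/\/(tcp|udp|sctp)$/, "", s)          # drop protocol suffix
        if (s ~ /^\[/) {                         # bracketed IPv6 host address
            if (s ~ /^\[::\]:/) flag(spec)       # [::] is the IPv6 wildcard
            return
        }
        n = split(s, f, ":")
        # 1 field: containerPort; 2 fields: hostPort:containerPort (no address)
        if (n < 3 || f[1] == "" || f[1] == "0.0.0.0") flag(spec)
    }
    /^ExecStart=/ { in_cmd = 1 }                 # podman run line, may wrap
    in_cmd {
        for (i = 1; i < NF; i++) {
            if ($i == "-p" || $i == "--publish") check($(i + 1))
        }
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^--publish=/) check(substr($i, 11))
        }
        if ($0 !~ /\\$/) in_cmd = 0              # no trailing backslash: done
    }
    /^PublishPort=/ { check(substr($0, 13)) }    # Quadlet key
    END { exit bad }
    ' "$1"
}

# Constructed sample: the kind of unit "podman generate systemd --new" writes
# for the redis_server container above (abridged, not real tool output).
demo_unit=$(mktemp)
cat > "$demo_unit" <<'EOF'
[Service]
ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --rm --replace \
    -d --name redis_server -p 6379:6379 redis
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
EOF
wide_open_ports "$demo_unit" || echo "published on all interfaces (see above)"
rm -f "$demo_unit"
```

A mapping written as 127.0.0.1:6379:6379 passes the check and keeps the service reachable only from the host itself.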
I will describe running Pihole in podman using systemd. I have been running it for a while, and it requires some configuration. I assume you have already installed podman. If not, install podman:
See https://learnubuntu.com/install-podman/ for more details.
1. Pull and start up Pihole in podman
Pihole will need two container volumes to persist data, we can create them with podman:
The following command will pull Pihole and run it:
Note: The whole thing is a single command. The \ breaks it into multiple lines.
You will have to change the timezone, SERVERIP, and WEBPASSWORD to suit your needs.
The port settings:
assume the computer in which podman will run has a GUI desktop and a browser app installed. These settings will only allow web-admin access to Pihole from the localhost. If you want to access the web-admin of Pihole from another computer in the same network or across the internet, adjust these options accordingly.
The above command will get your container up and running. You can check with:
Two options are needed for automatic updates.
and
The part, docker.io/pihole/pihole:latest could be shortened to pihole:latest. However, you will need the explicit location to pull the image from if you want systemd to keep the image automatically updated.
2. Set it up in systemd
First generate the systemd service file with the following command:
You will see this notice in the output:
I have not looked into Quadlets much. It is the newer way of integrating podman and systemd.
--new will pull the latest version of pihole every time the computer starts or the systemd service is restarted. You may not want this, but it is needed for auto updating the container image.
--files will create a file called container-pihole.service in your current directory.
Copy the service file to its rightful place:
Enable and start the service:
Now your container should startup when the system reboots.
3. Automatic update of container images
You will have to enable and start the podman auto-update service and timer:
This will keep all the podman (docker) container images up to date. You may look into the timer file to adjust the frequency.
Hope this helps