podman quadlets examples
This commit is contained in:
Maciej Lebiest
parent
0fcf8a9338
commit
b091c4bc1f
1 changed files with 97 additions and 1 deletions
98
README.md
98
README.md
|
|
@ -252,4 +252,100 @@ restorecon -v /etc/systemd/system/gitea-runner.service;
|
||||||
systemctl daemon-reload;
|
systemctl daemon-reload;
|
||||||
systemctl enable --now gitea-podman.service;
|
systemctl enable --now gitea-podman.service;
|
||||||
systemctl enable --now gitea-runner.service;
|
systemctl enable --now gitea-runner.service;
|
||||||
````
|
```
|
||||||
|
|
||||||
|
## Podman quadlets examples
|
||||||
|
|
||||||
|
This section is about quadlets, rather than specific image, but it is based on
|
||||||
|
examples.
|
||||||
|
|
||||||
|
To enable such container managed by systemd, create `.container` file
|
||||||
|
at `/etc/containers/systemd/my-container.container`, and then run:
|
||||||
|
```bash
|
||||||
|
systemctl daemon-reload;
|
||||||
|
systemctl enable --now my-container.service
|
||||||
|
```
|
||||||
|
|
||||||
|
### Example host-monitoring purpose quadlets
|
||||||
|
|
||||||
|
#### zabbix-agent
|
||||||
|
|
||||||
|
```systemd
|
||||||
|
[Unit]
|
||||||
|
Description=Zabbix agent 2
|
||||||
|
After=local-fs.target
|
||||||
|
|
||||||
|
[Container]
|
||||||
|
Image=zabbix-agent
|
||||||
|
ContainerName=zabbix-agent
|
||||||
|
LogDriver=journald
|
||||||
|
Network=host
|
||||||
|
Pull=newer
|
||||||
|
ReadOnly=yes
|
||||||
|
VolatileTmp=true
|
||||||
|
SecurityLabelDisable=yes
|
||||||
|
UserNS=host
|
||||||
|
Ulimit=host
|
||||||
|
Unmask=ALL
|
||||||
|
|
||||||
|
AutoUpdate=registry
|
||||||
|
|
||||||
|
PodmanArgs=--pid=host
|
||||||
|
PodmanArgs=--ipc=host
|
||||||
|
PodmanArgs=--no-hosts
|
||||||
|
|
||||||
|
Volume=/etc/zabbix/agent2.conf:/etc/zabbix/zabbix_agent2.conf:ro
|
||||||
|
Volume=/sys:/sys:ro
|
||||||
|
Volume=/dev:/dev:ro
|
||||||
|
Volume=/var/run/dbus/system_bus_socket:/var/run/dbus/system_bus_socket:rw
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Restart=always
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
# Start by default on boot
|
||||||
|
WantedBy=multi-user.target default.target
|
||||||
|
```
|
||||||
|
|
||||||
|
#### node-exporter (Prometheus)
|
||||||
|
|
||||||
|
```systemd
|
||||||
|
[Unit]
|
||||||
|
Description=Node exporter for Prometheus
|
||||||
|
After=local-fs.target
|
||||||
|
|
||||||
|
[Container]
|
||||||
|
Image=docker.io/prom/node-exporter:latest
|
||||||
|
ContainerName=node-exporter
|
||||||
|
LogDriver=journald
|
||||||
|
Network=host
|
||||||
|
Pull=newer
|
||||||
|
ReadOnly=yes
|
||||||
|
VolatileTmp=true
|
||||||
|
SecurityLabelDisable=yes
|
||||||
|
User=1222
|
||||||
|
UserNS=host
|
||||||
|
Ulimit=host
|
||||||
|
Unmask=ALL
|
||||||
|
|
||||||
|
AutoUpdate=registry
|
||||||
|
|
||||||
|
# Exec=--help
|
||||||
|
|
||||||
|
PodmanArgs=--pid=host
|
||||||
|
PodmanArgs=--ipc=host
|
||||||
|
PodmanArgs=--no-hosts
|
||||||
|
|
||||||
|
Volume=/proc:/host/proc:ro
|
||||||
|
Volume=/sys:/host/sys:ro
|
||||||
|
Volume=/:/rootfs:ro
|
||||||
|
|
||||||
|
Exec=--path.procfs=/host/proc --path.rootfs=/rootfs --path.sysfs=/host/sys --collector.filesystem.mount-points-exclude='^/(sys|proc|dev|host|etc)($$|/)'
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Restart=always
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
# Start by default on boot
|
||||||
|
WantedBy=multi-user.target default.target
|
||||||
|
```
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue