example2

return to main page

Example 2

graph TB

    a1[curl localhost:80] -.->a2[nginx container in systemd system service]

Loading

Set up a systemd system service example2.service where rootful podman is running the container image docker.io/library/nginx. Configure socket activation for TCP port 80.

The instructions are similar to Example 1.

1. Create the file /etc/containers/systemd/example2.container with the contents

   [Unit]
   Requires=example2.socket
   After=example2.socket
   
   [Container]
   Image=docker.io/library/nginx
   Environment=NGINX=3;
   [Install]
   WantedBy=default.target
   

2. Optional step for improved security: Edit the file /etc/containers/systemd/example2.container and add this line below the line [Container]

   Network=none
   

   For details, see section Possibility to restrict the network in the container
3. Create the file /etc/systemd/system/example2.socket that defines the sockets that the container should use

   [Unit]
   Description=Example 2
   
   [Socket]
   ListenStream=0.0.0.0:80
   
   [Install]
   WantedBy=sockets.target
   

4. Reload the systemd configuration

   $ sudo systemctl daemon-reload
   

5. Start the socket

   $ sudo systemctl start example2.socket
   

6. Test the web server

   $ curl -s localhost:80 | head -4
   <!DOCTYPE html>
   <html>
   <head>
   <title>Welcome to nginx!</title>