Showing posts with label systemd. Show all posts

Podman container as systemd service with quadlet

Since podman generate systemd is deprecated, here is a way to create a container service with a Quadlet unit file. The example uses Prometheus. Setup:

$ podman --version
podman version 4.9.3
$ cat /etc/os-release | head -n1
PRETTY_NAME="Ubuntu 24.04.1 LTS"

Create a system user that is used only to run containers:

$ adduser --system --disabled-login podman
$ cat /etc/passwd | grep podman
podman:x:110:65534::/home/podman:/usr/sbin/nologin

Decide where to keep the container's persistent volumes. I chose /home/podman/.

$ mkdir -p /home/podman/prometheus/data
$ mkdir -p /home/podman/prometheus/config
$ chown -R podman:nogroup /home/podman/*
$ tree /home/podman/
/home/podman/
└── prometheus
    ├── config
    │   └── prometheus.yml
    └── data

Create a .container file in one of the locations listed in the podman-systemd.unit documentation. I created mine in /etc/containers/systemd/.

$ cat /etc/containers/systemd/prometheus.container
[Unit]
Description=Prometheus container

[Container]
# No tag given, so the latest image is pulled
Image=docker.io/prom/prometheus
ContainerName=prometheus
Volume=/home/podman/prometheus/data:/prometheus
# Directory containing the prometheus.yml config
Volume=/home/podman/prometheus/config:/etc/prometheus
PublishPort=9090:9090
# UID of the podman user I created
User=110

[Service]
# Restart service when failed
Restart=always

[Install]
WantedBy=multi-user.target
DefaultInstance=100

$ systemctl daemon-reload
$ service prometheus start
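
As an added example (not from the original post), here is a small shell linter for a .container file like the one above, to run before systemctl daemon-reload. It flags trailing # text on a value line (unit files do not treat that as a comment), an Image= without a pinned tag or digest, and a PublishPort= that listens on every interface; lint_quadlet, sample_unit and the finding codes are names made up for this example, and the sample input is constructed.

```shell
#!/bin/sh
# Added example: lint a Quadlet .container file before "systemctl daemon-reload".
# Prints findings as LINE:CODE:DETAIL; returns 1 if there are any, 0 if clean.
lint_quadlet() {
    awk '
    /^[ \t]*[#;]/ { next }                  # full-line comments are fine
    /^[ \t]*\[/   { section = $0; next }    # remember the current [Section]
    !/=/          { next }                  # blanks and anything without key=value
    {
        key = $0; sub(/[ \t]*=.*/, "", key); sub(/^[ \t]+/, "", key)
        val = $0; sub(/^[^=]*=[ \t]*/, "", val)
        # A trailing "# text" is not a comment in unit files: it stays in the value.
        if (val ~ /[ \t]#/) {
            print NR ":inline-comment:" key; bad = 1
            sub(/[ \t]+#.*/, "", val)       # keep checking the intended value
        }
        if (section == "[Container]" && key == "Image") {
            name = val; sub(/.*\//, "", name)   # tag or digest sits in the last component
            if (name !~ /[:@]/ || name ~ /:latest$/) { print NR ":floating-tag:" val; bad = 1 }
        }
        if (section == "[Container]" && key == "PublishPort") {
            n = split(val, part, ":")
            # Without a host IP (or with 0.0.0.0) the port listens on every interface.
            if (n < 3 || part[1] == "0.0.0.0") { print NR ":all-interfaces:" val; bad = 1 }
        }
    }
    END { exit bad + 0 }
    ' "$@"
}

# Constructed sample input (not a file from the original post).
sample_unit() {
    cat <<'EOF'
[Container]
Image=docker.io/prom/prometheus #latest image
PublishPort=9090:9090
User=110 # UID of user podman
# a full-line comment is accepted
PublishPort=127.0.0.1:9091:9090
EOF
}

sample_unit | lint_quadlet || echo "fix the findings above before reloading systemd"
```

Pass a file path to check a real unit, for example lint_quadlet /etc/containers/systemd/prometheus.container.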

'Too many open files' in log file - resolution

The log shows 'Too many open files' and the service crashes. Edit the service:

systemctl edit [service_name]

Add the limits to the override file, in the [Service] section:

[Service]
LimitNOFILE=65536
LimitSTACK=infinity
LimitNPROC=16384
TasksMax=8192

Reload systemd:

systemctl daemon-reload

Restart the service:

systemctl restart [service_name]