Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Container template, generate extra container if it is in a pod #25510

Open
onlyati opened this issue Mar 8, 2025 · 0 comments
Open

Container template, generate extra container if it is in a pod #25510

onlyati opened this issue Mar 8, 2025 · 0 comments
Labels
kind/bug Categorizes issue or PR as related to a bug. quadlet

Comments

@onlyati
Copy link

onlyati commented Mar 8, 2025

Issue Description

I create template file based on the information from the document: https://docs.podman.io/en/v5.2.2/markdown/podman-systemd.unit.5.html#template-files. But when I put this template into a pod, then one extra container is automatically created where the pod name will be the instance name. I am not sure this is works as designed or a bug, but based on document it should not happen, if I understand correctly.

My use case would be to host multiple webapp/api with the same template but within same pod (for network simpilicity).

Steps to reproduce the issue

Create a pod file, for example test.pod:

[Pod]

Create container teamplate, for example [email protected]:

[Unit]
Description=Test container #%i

[Container]
Image=docker.io/library/debian
Pod=test.pod
Exec=tail -f /dev/null

Then create some symlink:

Then reload the daemon systemctl --user daemon-reload and start the pod systemctl --user start test-pod.

Describe the results you received

$ systemctl --user --type=service | grep test
  test-pod.service               loaded active running test-pod.service
  [email protected]          loaded active running [email protected]
  [email protected]          loaded active running [email protected]
  [email protected]          loaded active running [email protected]
  [email protected]   loaded active running [email protected]

$ podman ps --pod --filter pod=systemd-test
CONTAINER ID  IMAGE                                    COMMAND            CREATED        STATUS        PORTS       NAMES                         POD ID        PODNAME
166c5ed6a36c  localhost/podman-pause:5.2.2-1738677241                     9 minutes ago  Up 9 minutes              483a8d6b0238-infra            483a8d6b0238  systemd-test
161dfe5a7819  docker.io/library/debian:latest          tail -f /dev/null  9 minutes ago  Up 9 minutes              systemd-test-server_2         483a8d6b0238  systemd-test
818027e8dfdf  docker.io/library/debian:latest          tail -f /dev/null  9 minutes ago  Up 9 minutes              systemd-test-server_1         483a8d6b0238  systemd-test
6cd32478e587  docker.io/library/debian:latest          tail -f /dev/null  9 minutes ago  Up 9 minutes              systemd-test-server_3         483a8d6b0238  systemd-test
a03475f748ce  docker.io/library/debian:latest          tail -f /dev/null  9 minutes ago  Up 9 minutes              systemd-test-server_test-pod  483a8d6b0238  systemd-test

Describe the results you expected

Since I did not define DefaultInstance= parameter, no default container should be started just the symlink ones. So [email protected] should not been started. It also seems, if I set something for DefaultInstance, it is ignored when template is in pod.

podman info output

host:
  arch: amd64
  buildahVersion: 1.37.6
  cgroupControllers:
  - memory
  - pids
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:
    package: conmon-2.1.12-1.el9.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.1.12, commit: 5859d6167f22954414ce804d3f2ae9cf6208f929'
  cpuUtilization:
    idlePercent: 97.48
    systemPercent: 1.11
    userPercent: 1.41
  cpus: 2
  databaseBackend: sqlite
  distribution:
    distribution: rocky
    version: "9.5"
  eventLogger: journald
  freeLocks: 2023
  hostname: controller-01
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
  kernel: 5.14.0-503.26.1.el9_5.x86_64
  linkmode: dynamic
  logDriver: journald
  memFree: 308297728
  memTotal: 3735650304
  networkBackend: netavark
  networkBackendInfo:
    backend: netavark
    dns:
      package: aardvark-dns-1.12.2-1.el9_5.x86_64
      path: /usr/libexec/podman/aardvark-dns
      version: aardvark-dns 1.12.2
    package: netavark-1.12.2-1.el9.x86_64
    path: /usr/libexec/podman/netavark
    version: netavark 1.12.2
  ociRuntime:
    name: crun
    package: crun-1.16.1-1.el9.x86_64
    path: /usr/bin/crun
    version: |-
      crun version 1.16.1
      commit: afa829ca0122bd5e1d67f1f38e6cc348027e3c32
      rundir: /run/user/1000/crun
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +YAJL
  os: linux
  pasta:
    executable: /usr/bin/pasta
    package: passt-0^20240806.gee36266-6.el9_5.x86_64
    version: |
      pasta 0^20240806.gee36266-6.el9_5.x86_64
      Copyright Red Hat
      GNU General Public License, version 2 or later
        <https://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
      This is free software: you are free to change and redistribute it.
      There is NO WARRANTY, to the extent permitted by law.
  remoteSocket:
    exists: false
    path: /run/user/1000/podman/podman.sock
  rootlessNetworkCmd: pasta
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: true
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: slirp4netns-1.3.1-1.el9.x86_64
    version: |-
      slirp4netns version 1.3.1
      commit: e5e368c4f5db6ae75c2fce786e31eef9da6bf236
      libslirp: 4.4.0
      SLIRP_CONFIG_VERSION_MAX: 3
      libseccomp: 2.5.2
  swapFree: 0
  swapTotal: 0
  uptime: 90h 50m 32.00s (Approximately 3.75 days)
  variant: ""
plugins:
  authorization: null
  log:
  - k8s-file
  - none
  - passthrough
  - journald
  network:
  - bridge
  - macvlan
  - ipvlan
  volume:
  - local
registries:
  search:
  - registry.access.redhat.com
  - registry.redhat.io
  - docker.io
store:
  configFile: /home/ati/.config/containers/storage.conf
  containerStore:
    number: 18
    paused: 0
    running: 17
    stopped: 1
  graphDriverName: overlay
  graphOptions: {}
  graphRoot: /home/ati/.local/share/containers/storage
  graphRootAllocated: 40165670912
  graphRootUsed: 12203323392
  graphStatus:
    Backing Filesystem: extfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
    Supports shifting: "false"
    Supports volatile: "true"
    Using metacopy: "false"
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 17
  runRoot: /run/user/1000/containers
  transientStore: false
  volumePath: /home/ati/.local/share/containers/storage/volumes
version:
  APIVersion: 5.2.2
  Built: 1738677241
  BuiltTime: Tue Feb  4 13:54:01 2025
  GitCommit: ""
  GoVersion: go1.22.9 (Red Hat 1.22.9-2.el9_5)
  Os: linux
  OsArch: linux/amd64
  Version: 5.2.2

Podman in a container

No

Privileged Or Rootless

Rootless

Upstream Latest Release

No

Additional environment details

This data is gathered from 5.2.2 version, but I have tested on a test system with podman 5.4, produced the same issue.

Additional information

No response
@onlyati onlyati added the kind/bug Categorizes issue or PR as related to a bug. label Mar 8, 2025
@onlyati onlyati changed the title Container template, generate extra if it is in a pod Container template, generate extra container if it is in a pod Mar 8, 2025
@Luap99 Luap99 added the quadlet label Mar 10, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug. quadlet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@onlyati @Luap99