Building Podman Debian Images With Systemd Inside The Container

Containerization has revolutionized the way software is developed, tested, and deployed. While Docker has been a popular choice for containerization, Podman has emerged as a viable alternative, especially for users who prefer a rootless, daemonless, and more secure container experience. In this blog post, we will explore how to build Debian-based container images using Podman while integrating systemd inside them. This allows you to run services and manage them using systemd, just like you would on a traditional server.

Don’t forget to join my Discord: https://discord.gg/YbSYGsQYES

Why Would You Do That?

Most system administrators use automation and/or infrastructure-as-code tools to manage their environments. As the infrastructure grows more complex, they need a fast and reliable way to test their changes.

This is where running systemd inside containers comes in very handy: you can run smoke tests of your changes in them. These images are not meant for production containers, but they play a major role in development and testing.

Why Don’t Containers Have An Init System?

Containers intentionally do not include an init system to keep them lightweight and focused on their primary purpose: running applications. Process management and initialization are typically handled through other means, including entry points, supervision tools, or by sharing the host’s init system when necessary.

Building Containers With Systemd

A Containerfile is similar to a Dockerfile, so familiarity with Docker helps here. The following Containerfile builds a fully functional Debian Bookworm container with systemd running inside.

FROM debian:bookworm
RUN apt-get update && apt-get install -y systemd
CMD [ "/lib/systemd/systemd" ]

Use the file above to build a new image based on Debian Bookworm, passing its name to podman build with -f (the session below uses a file named Composefile):

podman build -t tmolnar-debian-systemd:latest -f Composefile 
STEP 1/3: FROM debian:bookworm
Resolved "debian" as an alias (/etc/containers/registries.conf.d/shortnames.conf)
Trying to pull docker.io/library/debian:bookworm...

...

COMMIT tmolnar-debian-systemd:latest
--> 04df5c8a873
Successfully tagged localhost/tmolnar-debian-systemd:latest

Let’s check if there is an init process with PID 1!

Start a container instance from the image and check it with podman top:

podman run -itd --name systemd-test 04df
8d2511db24a66b842d9036f1e93cd4b6e68211ec97eb6531c194e77936abc48b

podman ps
CONTAINER ID  IMAGE                                     COMMAND               CREATED        STATUS            PORTS       NAMES
8d2511db24a6  localhost/tmolnar-debian-systemd:latest  /lib/systemd/syst...  5 seconds ago  Up 4 seconds ago              systemd-test

podman top 8d25
USER        PID         PPID        %CPU        ELAPSED        TTY         TIME        COMMAND
root        1           0           0.000       15.762981116s  ?           0s          /lib/systemd/systemd 
root        15          1           0.000       14.763070902s  ?           0s          /lib/systemd/systemd-journald 
messagebus  23          1           0.000       14.763128842s  ?           0s          /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only 
root        24          1           0.000       14.763183451s  ?           0s          /lib/systemd/systemd-logind 
root        26          1           0.000       14.763239641s  pts/0       0s          /sbin/agetty -o -p -- \u --noclear --keep-baud - 115200,38400,9600 xterm
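
A scripted version of the PID 1 check above, as an added example that is not part of the original post: check_init (a hypothetical helper name) reads `podman top` output and fails unless PID 1 is systemd and the named services are direct children of it. The sample table is constructed in the shape of the output above.

```shell
#!/bin/sh
# Added example (not from the original post): smoke check for a systemd container.
# check_init is a hypothetical helper. It reads `podman top` output on stdin and
# succeeds only if PID 1 is systemd and every service named as an argument is a
# direct child of PID 1.
check_init() {
    awk -v want="$*" '
        NR == 1 {                          # header row: find columns by name
            for (i = 1; i <= NF; i++) col[$i] = i
            if (!("PID" in col) || !("PPID" in col) || !("COMMAND" in col)) {
                bad = 1; exit
            }
            next
        }
        {
            n = split($(col["COMMAND"]), parts, "/")
            name = parts[n]                # basename of the executable
            if ($(col["PID"]) == 1) init = name
            else if ($(col["PPID"]) == 1) child[name] = 1
        }
        END {
            if (bad || init != "systemd") {
                print "FAIL: PID 1 is not systemd (found: " init ")"; exit 1
            }
            m = split(want, w, " ")
            for (i = 1; i <= m; i++)
                if (!(w[i] in child)) {
                    print "FAIL: " w[i] " is not a child of PID 1"; exit 1
                }
            print "OK: systemd is PID 1"
        }'
}

# Constructed sample in the shape of the `podman top` output shown above.
SAMPLE='USER PID PPID %CPU ELAPSED TTY TIME COMMAND
root 1 0 0.000 15s ? 0s /lib/systemd/systemd
root 15 1 0.000 14s ? 0s /lib/systemd/systemd-journald
root 24 1 0.000 14s ? 0s /lib/systemd/systemd-logind'
printf '%s\n' "$SAMPLE" | check_init systemd-journald systemd-logind

# Against a real container: pass its name (e.g. systemd-test) as the first argument.
if [ -n "${1:-}" ] && command -v podman >/dev/null 2>&1; then
    podman top "$1" | check_init systemd-journald systemd-logind
fi
```

The non-zero exit status on failure lets the check gate a test pipeline that depends on systemd being up inside the container.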
