我创建了四元组来在 opensuse 环境(具体来说是 microOS)中启动两个不同的容器。四胞胎/etc/containers/systemd在自动安装过程中被植入。我希望它们在下次启动时运行(以及此后的每次启动)。
首次启动时,我看到容器尝试启动,但它们都失败并出现相同的错误(“错误:初始化源”)。似乎network-online.target没有受到尊重。如果我手动运行systemctl start,两个容器都会成功启动。
最初,该WantedBy行包括在内multi-user.target,default.target但后者似乎没有必要,因为我希望系统完全启动才能部署此容器。该服务显然正在生成并正在尝试启动,但该错误使其看起来无法提取图像。我已经查看了可用的After指令,network-online.target看起来是正确的。
/etc/containers/systemd/wireguard.service:[Unit] Description=Wireguard container After=network-online.target [Container] Image=docker.io/procustodibus/wireguard AddCapability=NET_ADMIN NET_RAW ContainerName=wireguard PublishPort=51822:51822/udp Volume=/etc/wireguard/conf:/etc/wireguard:Z PodmanArgs=--sysctl "net.ipv4.conf.all.forwarding=1" [Install] # Start by default on boot WantedBy=multi-user.targetsystemctl status wireguard.service首次启动后的输出:× wireguard.service - Wireguard container Loaded: loaded (/etc/containers/systemd/wireguard.container; generated) Active: failed (Result: exit-code) since Wed 2023-11-22 21:10:23 UTC; 5min ago Process: 1395 ExecStart=/usr/bin/podman run --name=wireguard --cidfile=/run/wireguard.cid --replace --rm --cgroups=split --sdnotify=conmon -d --cap-add=net_admin --cap-add=net_raw -v /etc/wireguard/conf:/etc/wireguard:Z --publish 51822:51822/udp --sysctl net.ipv4.co> Process: 1520 ExecStopPost=/usr/bin/podman rm -f -i --cidfile=/run/wireguard.cid (code=exited, status=0/SUCCESS) Main PID: 1395 (code=exited, status=125) CPU: 392ms Nov 22 21:10:20 proscale-micro-01.abc.abctechnology.com systemd[1]: Starting Wireguard container... Nov 22 21:10:23 proscale-micro-01.abc.abctechnology.com wireguard[1395]: Trying to pull docker.io/procustodibus/wireguard:latest... Nov 22 21:10:23 proscale-micro-01.abc.abctechnology.com wireguard[1395]: Pulling image docker.io/procustodibus/wireguard:latest inside systemd: setting pull timeout to 5m0s Nov 22 21:10:23 proscale-micro-01.abc.abctechnology.com wireguard[1395]: Error: initializing source docker://procustodibus/wireguard:latest: pinging container registry registry-1.docker.io: Get "https://registry-1.docker.io/v2/": dial tcp: lookup registry-1.docker.io on 192> Nov 22 21:10:23 proscale-micro-01.abc.abctechnology.com systemd[1]: wireguard.service: Main process exited, code=exited, status=125/n/a Nov 22 21:10:23 proscale-micro-01.abc.abctechnology.com systemd[1]: wireguard.service: Failed with result 'exit-code'.
答案1
回答了我自己的问题。将 'Requires=network-online.target' 添加到 [Unit] 修复了它。我误解了“After=”的作用。