Podman fails to start at boot because it starts before the network is up #218

New issue

Closed

opened 2024-04-20 02:03:35 +00:00 by a · 1 comment

a commented 2024-04-20 02:03:35 +00:00

Owner

Copy link

I noticed that some user services aren't starting automatically at boot because although they have the lines

Wants=network-online.target
After=network-online.target

systemd is starting them before that target is reached, which causes them to throw a network error since the network isn't up yet. This is because the systemd user and system managers are completely separate and it's not possible for a user unit to depend on system units. This is also related to Podman 5.0's switch from slirp4netns to pasta.

There are several forum posts online about making a user service wait for network-online.target such as https://unix.stackexchange.com/questions/216919/how-can-i-make-my-user-services-wait-till-the-network-is-online and https://bbs.archlinux.org/viewtopic.php?id=278852. One of those posts recommends the magic command systemctl --global link /usr/lib/systemd/system/network-online.target... and it doesn't work! When making a symlink to a system unit, systemd won't sync the status of the system unit to the user unit, but will actually run another copy of this unit in the systemd user instance.

So this leaves me with a few solutions.

1. Switch back to slirp4netns. Upstream podman says they're permanently switching to pasta so I think we should do the same, and plus pasta is faster.

2. Delay the start of user sessions until the network is up. This adds some startup delay, but if the network isn't even accessible yet, that delay doesn't really matter.

3. Write our own network-online.target for user sessions using nm-online. This requires creating quite a few files since we need a target file, a service that runs nm-online, and enable the service.

4. Write a wrapper script for pasta that runs nm-online first.

I ended up choosing solution 2 because it's the least gross, but if anyone has other ideas, I'd love to hear it!

I noticed that some user services aren't starting automatically at boot because although they have the lines ``` Wants=network-online.target After=network-online.target ``` systemd is starting them before that target is reached, which causes them to throw a network error since the network isn't up yet. This is because the systemd user and system managers are completely separate and [it's not possible for a user unit to depend on system units](https://github.com/systemd/systemd/issues/3312). This is also related to [Podman 5.0's switch from slirp4netns to pasta](https://github.com/containers/podman/issues/22197). There are several forum posts online about making a user service wait for `network-online.target` such as https://unix.stackexchange.com/questions/216919/how-can-i-make-my-user-services-wait-till-the-network-is-online and https://bbs.archlinux.org/viewtopic.php?id=278852. One of those posts recommends the magic command `systemctl --global link /usr/lib/systemd/system/network-online.target`... and it doesn't work! When making a symlink to a system unit, systemd won't sync the status of the system unit to the user unit, but will actually run another copy of this unit in the systemd user instance. So this leaves me with a few solutions. 1. Switch back to slirp4netns. [Upstream podman says they're permanently switching to pasta](https://github.com/containers/podman/issues/22363) so I think we should do the same, and plus pasta is faster. 2. [Delay the start of user sessions until the network is up](https://github.com/systemd/systemd/issues/3312#issuecomment-2039973852). This adds some startup delay, but if the network isn't even accessible yet, that delay doesn't really matter. 3. Write our own `network-online.target` for user sessions using `nm-online`. This requires creating quite a few files since we need a target file, a service that runs `nm-online`, and enable the service. 4. Write a wrapper script for pasta that runs `nm-online` first. I ended up choosing solution 2 because it's the least gross, but if anyone has other ideas, I'd love to hear it!

a added the

bug

label 2024-04-20 02:03:35 +00:00

a closed this issue 2024-04-20 02:05:58 +00:00

a commented 2024-04-20 05:58:27 +00:00

Author

Owner

Copy link

The server just mysteriously rebooted (maybe a very short power outage), and this caused pasta errors at boot time again despite the fix above, so I'm guessing the router also rebooted and the router takes a while to start up. I don't think there's much we can do in this case.

The server just mysteriously rebooted (maybe a very short power outage), and this caused pasta errors at boot time again despite the fix above, so I'm guessing the router also rebooted and the router takes a while to start up. I don't think there's much we can do in this case.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

v9.0

v8.8

v8.7

v8.6

v8.5

v8.4

v8.3

v8.2

v8.1

v8.0

v7.10

v7.9

v7.8

v7.7

v7.6

v7.5

v7.4

v7.3

v7.2

v7.1

v7.0

v6.1

v6.0

v5.1

v5.0

v4.2

v4.1

v4.0

v3.0

v2.5

v2.4

v2.3

v2.2

v2.1

v2.0

v1.3

v1.2

v1.1

v1.0

v0.3-beta

Labels

Clear labels   

bug

Something is not working

  

duplicate

This issue or pull request already exists

  

enhancement

New feature

  

help wanted

Need some help

  

invalid

Something is wrong

  

question

More information is needed

  

security

Security vulnerability

  

wontfix

This won't be fixed

No labels

bug

duplicate

enhancement

help wanted

invalid

question

security

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: exozyme/exozyme#218

No description provided.