Developing Podman Systemd Units

During initial role development with systemd unit files for podman containers keep the auto update label as local:

  --label io.containers.autoupdate=local

This will only use the container image file pulled down by Ansible tasks during the inital role run, no matter how many times you re-run the role during development – otherwise podman will try to pull the image on each run and you may run into container registry download limits.

When you’re sure the role is working well you can change that to image:

  --label io.containers.autoupdate=image

Podman will then pull container updates itself if you run:

podman auto-update

Or automatically when the podman-auto-update.timer service has been configured to run it.

podman-auto-update.timer appears to be automatically enabled on Debian, but you can check the status with:

systemctl status podman-auto-update.timer