| Synopsis: The systemd-nspawn utility is a way to run containers on Linux. It's not a method you want in a production environment, or something that you want for daily usage. But it's a great way to learn more about container technology, and it can be used to test and develop software or to create packages. You can think of systemd-nspawn as a sort of chroot on steroids. This document is meant for packagers, developers, and everyone who wants to learn more about container technology. |
| Note: All the commands in this document should be executed as root: |
| su - |
Container filesystem
The first step is to create a directory for the root filesystems of the containers:
| mkdir /container/ |
Let's make a Mageia container directory:
| mkdir /container/mageia9 |
Initialize the rpm database for Mageia:
| rpm --rebuilddb --root=/container/mageia9 |
Install some base RPMs. Installing these ensures that you can install the packages for the Mageia 9 release. Strictly speaking, you can skip this step, but it makes the configuration somewhat easier. You can ignore warnings.
| rpm --root=/container/mageia9/ --nodeps -ivh http://free.nchc.org.tw/mageia/distrib/9/x86_64/media/core/release/mageia-release-Default-9-2.mga9.x86_64.rpm |
| rpm --root=/container/mageia9/ --nodeps -ivh http://free.nchc.org.tw/mageia/distrib/9/x86_64/media/core/release/mageia-release-common-9-2.mga9.x86_64.rpm |
| rpm --root=/container/mageia9/ --nodeps -ivh http://free.nchc.org.tw/mageia/distrib/9/x86_64/media/core/release/lsb-release-3.1-5.mga9.noarch.rpm |
Configure the Mageia repositories:
| urpmi.addmedia --distrib http://free.nchc.org.tw/mageia/distrib/9/x86_64/ --urpmi-root /container/mageia9 |
Of course you can use other mirrors!
Now you can start a minimal installation:
| urpmi basesystem-minimal urpmi locales locales-en systemd --auto --no-recommends --urpmi-root /container/mageia9/ --root /container/mageia9/ |
Root password
Before you can use the root filesystem, you have to set a root password. To do that, chroot into the container's root filesystem:
| chroot /container/mageia9 |
Now you can set the root password:
| passwd |
To enable the root user to log in, add the following line to the file /etc/securetty:
| console |
Exit the chroot environment:
| exit |
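Before the first boot, the result of the steps above can be checked from the host. The script below is an added example, not part of the original page: the function names `root_pw_state` and `check_rootfs` are hypothetical, and it assumes systemd is installed at /usr/lib/systemd/systemd inside the tree.

```sh
#!/bin/sh
# Added example: pre-flight check of a container root tree before first boot.
# Assumption: systemd lives at /usr/lib/systemd/systemd inside the tree.

# Print the state of root's password field in ROOT/etc/shadow:
# set | empty | locked | missing
root_pw_state() {
    entry=$(grep '^root:' "$1/etc/shadow" 2>/dev/null | head -n 1)
    [ -n "$entry" ] || { echo missing; return 0; }
    case "$(printf '%s\n' "$entry" | cut -d: -f2)" in
        '')        echo empty ;;   # root login would need no password
        '!'*|'*'*) echo locked ;;  # account locked or no password set yet
        *)         echo set ;;
    esac
}

# Run all checks against ROOT; the return code is the number of failures.
check_rootfs() {
    root=$1
    fail=0

    if [ -e "$root/usr/lib/systemd/systemd" ]; then
        echo "ok:   systemd is installed"
    else
        echo "FAIL: /usr/lib/systemd/systemd not found (is systemd installed?)"
        fail=$((fail + 1))
    fi

    state=$(root_pw_state "$root")
    if [ "$state" = set ]; then
        echo "ok:   root password is set"
    else
        echo "FAIL: root password is $state"
        fail=$((fail + 1))
    fi

    if grep -qx 'console' "$root/etc/securetty" 2>/dev/null; then
        echo "ok:   console is listed in /etc/securetty"
    else
        echo "FAIL: console is not listed in /etc/securetty"
        fail=$((fail + 1))
    fi
    return "$fail"
}

# Example: sh check_rootfs.sh /container/mageia9
if [ "$#" -gt 0 ]; then check_rootfs "$1"; fi
```

Run it as root, since /etc/shadow inside the tree is not readable by ordinary users.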
First container
We are ready to launch the first container, based on the created root filesystem:
| systemd-nspawn --boot --directory=/container/mageia9 |
Log out, and exit the container by pressing Ctrl+] three times or Ctrl+D.
If we want the container to access a network bridged with the host (the default is to use a veth device), we create a file named /etc/systemd/nspawn/mageia9.nspawn:
| [Network] |
| VirtualEthernet=no |
machinectl
To make the management of the container easier, create a systemd unit file, /etc/systemd/system/var-lib-machines.mount, with the following content:
| [Unit] |
| Description = systemd containers filesystem |
| [Mount] |
| Where = /var/lib/machines |
| What = /container |
| Options = bind |
| [Install] |
| WantedBy = local-fs.target |
Start and enable this unit at boot time:
| systemctl start var-lib-machines.mount |
| systemctl enable var-lib-machines.mount |
To show the Mageia9 'image', execute:
| machinectl list-images |
Start the image:
| machinectl start mageia9 |
To log in:
| machinectl shell mageia9 |
Exit the shell by pressing Ctrl+] three times or Ctrl+D, and view the status:
| machinectl status mageia9 |
Now you can shut down the container until the next time you need it:
| machinectl poweroff mageia9 |
or
| machinectl stop mageia9 |
mkosi
An alternative is to create the chroot with mkosi (it uses dnf to install).
| urpmi mkosi dnf |
| mkosi -d mageia -r 9 -m https://geex.ovh/ --architecture=x86_64 -t directory -o /container/mga9 build |
| chroot /container/mga9 |
| passwd |
Set your password.
| exit |
| systemd-nspawn --boot --directory=/container/mga9 |
Log in (as root).
Do some stuff in the container, for example, install urpmi if you prefer.
| dnf in urpmi locales-en |
Type poweroff when done.