From Fedora Project Wiki

Revision as of 22:03, 17 January 2013 by Lennart

systemd Message Catalog

Summary

systemd has long included the systemd-nspawn tool as a more powerful version of chroot(1), primarily intended for use in development, debugging, testing and building of software. With Fedora 19 we want to make nspawn considerably more useful, so that it can easily be used to start containers capable of booting up a complete Fedora distribution inside as normal system services.

Owner

Current status

  • Targeted release: Fedora 19
  • Last updated: 2012-01-17
  • Percentage of completion: 100%

Detailed Description

systemd-nspawn is already very useful as a development/debugging/testing/building tool for software. With Fedora 19 we want to ensure the following things:

  • An unmodified Fedora 19 shall boot up fine inside a systemd-nspawn container
  • systemd-nspawn shall work fine when invoked as a systemd system service
  • The system journal of the container shall be available in the host without fiddling
  • The nspawn container shall be socket-activatable, so that it can be spawned automatically on SSH connections.

Benefit to Fedora

We can more easily test Fedora 19 inside containers in order to ensure it continues to work fine out-of-the-box.

We have a simple-to-use tool that just works, for development, debugging, testing and building of software.

Scope

Primarily only needs changes in systemd upstream.

How To Test

Turn off auditing as it is incompatible with containers. Boot your host with audit=0 on the kernel command line.

Use the following to set up a container:

# yum -y --releasever=19 --nogpg --installroot=/srv/mycontainer --disablerepo='*' --enablerepo=fedora install systemd passwd yum fedora-release

Then, set a root password:

$ sudo systemd-nspawn --capability=cap_audit_control,cap_audit_write -D /srv/mycontainer
# passwd
...
^D

Now, boot it up, and check that it booted cleanly:

$ sudo systemd-nspawn --capability=cap_audit_control,cap_audit_write -bD /srv/mycontainer 3

And make a service out of it:

# cat > /etc/systemd/system/mycontainer.service <<EOF
[Unit]
Description=My little container
[Service]
ExecStart=/usr/bin/systemd-nspawn -jbD /srv/mycontainer 3
KillMode=process
EOF

And start it:

# systemctl daemon-reload
# systemctl start mycontainer

And later on stop it:

# systemctl stop mycontainer
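
A preflight check for the procedure above, as an added example that is not part of the original wiki page: it verifies that the kernel command line carries audit=0 and that the container root has systemd installed before you boot it. The function names, the /usr/lib/systemd/systemd path and the rule that the last audit= token wins are assumptions of this example.

```shell
#!/bin/sh
# Added example: preflight checks before booting the container from the steps above.

# audit_disabled CMDLINE
# Succeeds only if the last audit= token on the kernel command line is audit=0.
# Assumption: when audit= is repeated, the last occurrence is the effective one.
# Runs in a subshell with globbing off so tokens such as '*' are not expanded.
audit_disabled() (
    set -f
    last=""
    for tok in $1; do
        case "$tok" in
            audit=*) last=${tok#audit=} ;;
        esac
    done
    [ "$last" = "0" ]
)

# container_root_ok DIR
# Succeeds if DIR exists and holds an executable systemd binary at the usual
# Fedora location (assumed path; the yum step above installs the systemd package).
container_root_ok() {
    [ -d "$1" ] && [ -x "$1/usr/lib/systemd/systemd" ]
}

# preflight DIR [CMDLINE]
# CMDLINE defaults to the running kernel's /proc/cmdline.
# Returns 0 if both checks pass, 1 if auditing is on, 2 if DIR is not bootable.
preflight() {
    cmdline=${2:-$(cat /proc/cmdline)}
    if ! audit_disabled "$cmdline"; then
        echo "host was not booted with audit=0" >&2
        return 1
    fi
    if ! container_root_ok "$1"; then
        echo "$1 does not contain an installed systemd" >&2
        return 2
    fi
    echo "ok: $1"
}
```

Source the file and run `preflight /srv/mycontainer` on the host before the systemd-nspawn steps.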

User Experience

It's a tool for developers, hackers, system builders, engineers. Normal users should never see this.

Dependencies

Nothing really.

Contingency Plan

Nothing. People who don't play with this will never see this.

Documentation

http://0pointer.de/public/systemd-man/systemd-nspawn.html

Release Notes

No need for additions.

Comments and Discussion