2017-06-27 16:44:04 -07:00
<!DOCTYPE html>
<!-- [if IE 8]><html class="no - js lt - ie9" lang="en" > <![endif] -->
<!-- [if gt IE 8]><! --> < html class = "no-js" lang = "en" > <!-- <![endif] -->
< head >
< meta charset = "utf-8" >
< meta http-equiv = "X-UA-Compatible" content = "IE=edge" >
< meta name = "viewport" content = "width=device-width, initial-scale=1.0" >
< link rel = "shortcut icon" href = "../img/favicon.ico" >
< title > Nspawn - Trent Docs< / title >
< link href = 'https://fonts.googleapis.com/css?family=Lato:400,700|Roboto+Slab:400,700|Inconsolata:400,700' rel = 'stylesheet' type = 'text/css' >
< link rel = "stylesheet" href = "../css/theme.css" type = "text/css" / >
< link rel = "stylesheet" href = "../css/theme_extra.css" type = "text/css" / >
< link rel = "stylesheet" href = "../css/highlight.css" >
< script >
// Current page data
var mkdocs_page_name = "Nspawn";
var mkdocs_page_input_path = "nspawn.md";
var mkdocs_page_url = "/nspawn/";
< / script >
< script src = "../js/jquery-2.1.1.min.js" > < / script >
< script src = "../js/modernizr-2.8.3.min.js" > < / script >
< script type = "text/javascript" src = "../js/highlight.pack.js" > < / script >
< / head >
< body class = "wy-body-for-nav" role = "document" >
< div class = "wy-grid-for-nav" >
< nav data-toggle = "wy-nav-shift" class = "wy-nav-side stickynav" >
< div class = "wy-side-nav-search" >
< a href = ".." class = "icon icon-home" > Trent Docs< / a >
< div role = "search" >
< form id = "rtd-search-form" class = "wy-form" action = "../search.html" method = "get" >
< input type = "text" name = "q" placeholder = "Search docs" / >
< / form >
< / div >
< / div >
< div class = "wy-menu wy-menu-vertical" data-spy = "affix" role = "navigation" aria-label = "main navigation" >
< ul class = "current" >
< li class = "toctree-l1" >
< a class = "" href = ".." > Home< / a >
< / li >
< li class = "toctree-l1" >
< a class = "" href = "../serve_and_share_apps_from_your_phone_with_fdroid/" > Serve And Share Apps From Your Phone With Fdroid< / a >
< / li >
< li class = "toctree-l1 current" >
< a class = "current" href = "./" > Nspawn< / a >
< ul class = "subnav" >
< li class = "toctree-l2" > < a href = "#nspawn-containers" > Nspawn Containers< / a > < / li >
< ul >
< li > < a class = "toctree-l3" href = "#create-a-filesystem" > Create a FileSystem< / a > < / li >
< li > < a class = "toctree-l3" href = "#first-boot-and-create-root-password" > First boot and create root password< / a > < / li >
< li > < a class = "toctree-l3" href = "#networking" > Networking< / a > < / li >
< li > < a class = "toctree-l3" href = "#automatically-starting-the-container" > Automatically Starting the Container< / a > < / li >
< li > < a class = "toctree-l3" href = "#initial-configuration-inside-the-container" > Initial Configuration Inside The Container< / a > < / li >
< / ul >
< / ul >
< / li >
< li class = "toctree-l1" >
< a class = "" href = "../arch_redis_nspawn/" > Quick Dirty Redis Nspawn Container on Arch Linux< / a >
< / li >
< li class = "toctree-l1" >
< a class = "" href = "../arch_postgresql_nspawn/" > Quick Dirty Postgresql Nspawn Container on Arch Linux< / a >
< / li >
< / ul >
< / div >
< / nav >
< section data-toggle = "wy-nav-shift" class = "wy-nav-content-wrap" >
< nav class = "wy-nav-top" role = "navigation" aria-label = "top navigation" >
< i data-toggle = "wy-nav-top" class = "fa fa-bars" > < / i >
< a href = ".." > Trent Docs< / a >
< / nav >
< div class = "wy-nav-content" >
< div class = "rst-content" >
< div role = "main" >
< div class = "section" >
< h1 id = "nspawn-containers" > Nspawn Containers< / h1 >
< p > < a href = "https://wiki.archlinux.org/index.php/Systemd-nspawn" > Arch Linux Wiki page on systemd-nspawn containers< / a > < / p >
< h3 id = "create-a-filesystem" > Create a FileSystem< / h3 >
< pre > < code class = "bash" > cd /var/lib/machines
# create a directory
mkdir &lt;container&gt;
# use pacstrap to create a file system
pacstrap -i -c -d &lt;container&gt; base --ignore linux
< / code > < / pre >
< p > At this point you might want to copy over some configs to save time later.< / p >
< ul >
< li > /etc/locale.conf< / li >
< li > /root/.bashrc< / li >
< li > /etc/locale.gen< / li >
< / ul >
< h3 id = "first-boot-and-create-root-password" > First boot and create root password< / h3 >
< pre > < code class = "bash" > systemd-nspawn -b -D &lt;container&gt;
# inside the container: set the root password, then shut down
passwd
poweroff
# if you want to NAT the container, add the -n flag
systemd-nspawn -b -D &lt;container&gt; -n
# and to bind mount the package cache
systemd-nspawn -b -D &lt;container&gt; -n --bind=/var/cache/pacman/pkg
< / code > < / pre >
< h3 id = "networking" > Networking< / h3 >
< p > On Arch, assuming you have systemd-networkd and systemd-resolved
set up correctly, networking from the host end of things should
just work.< br / >
However, on Linode it does not. What does work on Linode is to create
a bridge interface. Two files for br0 will get the job done.< / p >
< pre > < code class = "text" > # /etc/systemd/network/50-br0.netdev
[NetDev]
Name=br0
Kind=bridge
< / code > < / pre >
< pre > < code class = "text" > # /etc/systemd/network/50-br0.network
[Match]
Name=br0
[Network]
Address=10.0.55.1/24
DHCPServer=yes
IPMasquerade=yes
< / code > < / pre >
< p > Notice how the configuration file tells systemd-networkd to offer
DHCP service and to perform masquerade. You can modify the < code > systemd-nspawn< / code >
command to use the bridge interface. Every container attached to this bridge
will be on the same subnet and able to talk to each other.< / p >
< pre > < code class = "bash" > # first restart systemd-networkd to bring up the new bridge interface
systemctl restart systemd-networkd
# and add --network-bridge=br0 to systemd-nspawn command
systemd-nspawn -b -D &lt;container&gt; --network-bridge=br0 --bind=/var/cache/pacman/pkg
< / code > < / pre >
< h3 id = "automatically-starting-the-container" > Automatically Starting the Container< / h3 >
< p > There are two ways to automate starting the container. You can override
< code > systemd-nspawn@.service< / code > or create an < em > nspawn< / em > file. < / p >
< p > First enable machines.target:< / p >
< pre > < code class = "bash" > systemctl enable machines.target
# to override the systemd-nspawn@.service file
cp /lib/systemd/system/systemd-nspawn@.service /etc/systemd/system/systemd-nspawn@&lt;container&gt;.service
< / code > < / pre >
< p > Edit < code > /etc/systemd/system/systemd-nspawn@&lt;container&gt;.service< / code > to add the < code > systemd-nspawn< / code > options
you want to the < code > ExecStart< / code > command.< / p >
< p > Or create < code > /etc/systemd/nspawn/&lt;container&gt;.nspawn< / code > < / p >
< pre > < code class = "text" > # /etc/systemd/nspawn/&lt;container&gt;.nspawn
[Files]
Bind=/var/cache/pacman/pkg
[Network]
Bridge=br0
< / code > < / pre >
< pre > < code class = "text" > # /etc/systemd/nspawn/&lt;container&gt;.nspawn
[Files]
Bind=/var/cache/pacman/pkg
[Network]
# this seems to be the default sometimes, though
VirtualEthernet=1
< / code > < / pre >
< pre > < code class = "bash" > # in either case
systemctl enable systemd-nspawn@&lt;container&gt;
systemctl start systemd-nspawn@&lt;container&gt;
# to get a shell
machinectl shell &lt;container&gt;
# and then to get an environment
bash
< / code > < / pre >
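< p > An added example, not part of the original page: a small lint for the networkd and nspawn unit files shown above. It catches two mistakes that are easy to miss: a section placed in a file with the wrong suffix, and a trailing < code > #< / code > comment after a value. The function name < code > lint_unit< / code > and the sample file names are hypothetical, and the comment check is a heuristic.< / p >

```shell
#!/usr/bin/env bash
# Added example (not from the original page): lint networkd/nspawn unit files.

# lint_unit FILE: prints one line per finding; exit status = number of findings.
lint_unit() {
    local file=$1 suffix=${1##*.} section="" line n=0 findings=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        line=${line#"${line%%[![:space:]]*}"}      # trim leading whitespace
        case $line in
            ''|'#'*|';'*) continue ;;              # blank line or full-line comment
            '['*']')
                section=${line#\[}; section=${section%\]}
                case "$suffix:$section" in
                    netdev:Network|network:NetDev)
                        echo "$file:$n: [$section] does not belong in a .$suffix file"
                        findings=$((findings + 1)) ;;
                    nspawn:Exec|nspawn:Files|nspawn:Network) ;;
                    nspawn:*)
                        echo "$file:$n: unknown section [$section]"
                        findings=$((findings + 1)) ;;
                esac ;;
            *=*[[:space:]]'#'*)
                # systemd treats '#' as a comment only at the start of a line,
                # so this text would become part of the value.
                echo "$file:$n: trailing comment is parsed as part of ${line%%=*}="
                findings=$((findings + 1)) ;;
        esac
    done < "$file"
    return "$findings"
}

# Constructed samples that reproduce both mistakes (not real host files).
demo=$(mktemp -d)
printf '[Match]\nName=br0\n[Network]\nAddress=10.0.55.1/24\n' > "$demo/50-br0.netdev"
printf '[Files]\nBind=/var/cache/pacman/pkg\n[Network]\nVirtualEthernet=1 # default\n' > "$demo/c.nspawn"
lint_unit "$demo/50-br0.netdev" || true
lint_unit "$demo/c.nspawn" || true
```

< p > Run it against the files under < code > /etc/systemd/network< / code > and < code > /etc/systemd/nspawn< / code > before restarting systemd-networkd or the container.< / p >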
< h3 id = "initial-configuration-inside-the-container" > Initial Configuration Inside The Container< / h3 >
< pre > < code class = "bash" > # set time zone if you don't want UTC
timedatectl set-timezone &lt;timezone&gt;
# enable ntp, networktime
timedatectl set-ntp 1
# enable networking from inside the container
systemctl enable systemd-networkd
systemctl start systemd-networkd
systemctl enable systemd-resolved
systemctl start systemd-resolved
rm /etc/resolv.conf
ln -s /run/systemd/resolve/resolv.conf /etc/
# ping google
ping -c 3 google.com
< / code > < / pre >
< p > < a href = "https://wiki.archlinux.org/index.php/locale" > If you want to change the locale< / a > < / p >
< / div >
< / div >
< footer >
< div class = "rst-footer-buttons" role = "navigation" aria-label = "footer navigation" >
< a href = "../arch_redis_nspawn/" class = "btn btn-neutral float-right" title = "Quick Dirty Redis Nspawn Container on Arch Linux" > Next < span class = "icon icon-circle-arrow-right" > < / span > < / a >
< a href = "../serve_and_share_apps_from_your_phone_with_fdroid/" class = "btn btn-neutral" title = "Serve And Share Apps From Your Phone With Fdroid" > < span class = "icon icon-circle-arrow-left" > < / span > Previous< / a >
< / div >
< hr / >
< div role = "contentinfo" >
<!-- Copyright etc -->
< / div >
Built with < a href = "http://www.mkdocs.org" > MkDocs< / a > using a < a href = "https://github.com/snide/sphinx_rtd_theme" > theme< / a > provided by < a href = "https://readthedocs.org" > Read the Docs< / a > .
< / footer >
< / div >
< / div >
< / section >
< / div >
< div class = "rst-versions" role = "note" style = "cursor: pointer" >
< span class = "rst-current-version" data-toggle = "rst-current-version" >
< span > < a href = "../serve_and_share_apps_from_your_phone_with_fdroid/" style = "color: #fcfcfc;" > « Previous< / a > < / span >
< span style = "margin-left: 15px" > < a href = "../arch_redis_nspawn/" style = "color: #fcfcfc" > Next » < / a > < / span >
< / span >
< / div >
< script src = "../js/theme.js" > < / script >
< / body >
< / html >