search for: nspawn

tl;dr - Is anybody "running" a Fedora system via systemd-nspawn under CentOS? Long version: Before CentOS 7, I used chroot to create "lightweight containers" where I could cleanly add extra repos and/or software without the risk of "polluting" my main system (and potentially ending up in dependency hell). The primary driver for this was M...

Last night I was tinkering with `systemd-nspawn` -- namespace based container for testing, I thought I'll post what I tried with libguestfs here: Prerequisite ------------ Because of an audit subsystem incompatibility bug - rhbz#966807[1], turn off auditing by booting the host w/ 'audit=0' on Kernel command line. (NOTE: There'...

On 01/30/2014 07:41 AM, Kashyap Chamarthy wrote: > Last night I was tinkering with `systemd-nspawn` -- namespace based > container for testing, I thought I'll post what I tried with libguestfs > here: > > > Prerequisite > ------------ > > Because of an audit subsystem incompatibility bug - rhbz#966807[1], turn > off auditing by booting the host w/ 'audit=0&...

On Thu, Jan 30, 2014 at 05:07:23PM +0530, Kashyap Chamarthy wrote: > On 01/30/2014 04:38 PM, Daniel P. Berrange wrote: > > [. . .] > > >> > >> Despite reading from the `systemd-nspawn` man page: > >> > >> ". . .kernel modules may not be loaded from within the container." > >> > >> I purposefully tried from inside the container: > > > > With container based virt there is only one kernel image, > > Noted, that'...

??? ??? systemd-nspawn fails in C7 with ???? ??? ------------ nspawn error -------- ??? sudo? systemd-nspawn ??? Spawning namespace container on /mnt/usb (console is /dev/pts/1). ??? Init process in the container running as PID 1799. ??? Failed to open system bus: No such file or directory ??? Failed to open system bus:...

...mprove performance of > virtio networking) > QEMU: Checking for device /dev/net/tun > : FAIL (Load the 'tun' module to enable networking for QEMU guests) > LXC: Checking for Linux >= 2.6.26 > : PASS > ========= > > Despite reading from the `systemd-nspawn` man page: > > ". . .kernel modules may not be loaded from within the container." > > I purposefully tried from inside the container: With container based virt there is only one kernel image, so any modules you want must be loaded in the host. Libvirt "passthrough&quo...

...rated by a persistent > database that's very sensitive to instances leaving and joining the > domain seems the antithesis to docker's philosophy. > Docker would be a terrible choice for this; Docker is really designed to containerize a single app; for a suite of tools use LXD or nspawn. While I haven't used nspawn, I'm a huge fan of LXD, which is simple, elegant, well maintained, and UNIX-y in feel. If you're on Ubuntu or need to run an Ubuntu container, LXD is a no-brainer choice.

On 01/30/2014 04:38 PM, Daniel P. Berrange wrote: [. . .] >> >> Despite reading from the `systemd-nspawn` man page: >> >> ". . .kernel modules may not be loaded from within the container." >> >> I purposefully tried from inside the container: > > With container based virt there is only one kernel image, Noted, that's one of the main aspects, right, of con...

...11s > > This is timing the build only? Yes. (I wonder if Btrfs matters here.) > > I'm surprised it is slower in the container. Is memory or # CPUs > limited? I haven't done cgroups tuning or deep introspection or any such. It's just a default invocation of `systemd-nspawn`. That said, from inside the container: ========= -bash-4.2# cat /proc/cpuinfo | grep processor | wc -l 48 -bash-4.2# free -m total used free shared buffers cached Mem: 64259 12461 51798 49 1 10757 -/+ buffers/cache:...

Hi all, It seems RH will deprecate LXC (https://access.redhat.com/articles/1365153) and will go to docker way (or maybe I am totally wrong). Is this true?? Will be systemd-nspawn a lightweight replacement for LXC containers?? Thanks. -- Greetings, C. L. Martinez

On Thu, Jan 30, 2014 at 11:50:35AM +0530, Kashyap Chamarthy wrote: > > - Single `make` job timing to compile everything: > > > > real 31m9.792s > > user 17m18.359s > > sys 13m17.868s > > For comparison, on the _host_, the same single `make` job timing: > > real 13m41.440s > user 13m5.816s > sys 1m9.911s

On 11/17/2015 12:39 PM, Matt Garman wrote: > Now I have a need for a particular piece of software: HandBrake. I > found this site[1] that packages it for both Fedora and CentOS. But > the CentOS version is a little older, as the latest HandBrake requires > gtk3. The latest version is available for Fedora however. > Hmm, Nux Dextop (li.nux.ro) has HandBrake 0.9.9 for C7, but not

...OS : Up-to-date Archlinux (as of 2017-12-31) ### Expected behaviour `sudo -u exim telnet smtp.bbox.fr 25` should be able to connect. ### Actual behaviour `sudo -u exim telnet smtp.bbox.fr 25` times out. ### Steps to reproduce the problem The setup is such: * Archlinux host * Archlinux systemd-nspawn guest (named `seuil3`), launched with the standard `systemd-nspawn at .service` launcher, plus the following drop-in: ``` [Service] ExecStart= ExecStart=/usr/bin/systemd-nspawn --quiet --keep-unit --boot --link-journal=guest -U --settings=override --machine=%i ``` By changing `-U` (== with user na...

On 2015-11-18 19:41, Warren Young wrote: > On Nov 18, 2015, at 1:20 PM, Kwan Lowe <kwan.lowe at gmail.com> wrote: try systemd-nspawn and use it instead of virtualizing, will save you some bits of memory.

...gt; persistent database that's very sensitive to instances leaving and >> joining the domain seems the antithesis to docker's philosophy. >> >Docker would be a terrible choice for this; Docker is really designed to containerize a single app; for a suite of tools use LXD or nspawn. >While I haven't used nspawn, I'm a huge fan of LXD, which is simple, elegant, well maintained, and UNIX-y in feel. If you're on Ubuntu or need to run an Ubuntu container, LXD is a no-brainer choice. I am aware that Docker is criticized for deviating or extending the container spe...

On Mon, Oct 24, 2016 at 1:32 PM, Matt Garman <matthew.garman at gmail.com> wrote: > On Sun, Oct 23, 2016 at 8:02 AM, Larry Martell <larry.martell at gmail.com> wrote: >>> To be clear: the python script is moving files on the same NFS file >>> system? E.g., something like >>> >>> mv /mnt/nfs-server/dir1/file /mnt/nfs-server/dir2/file

...open it even though it has 666 permissions. It seems this is exactly what lxd does to allow VPNs for their unprivileged containers, as shown by the output of ls -l /dev/net total 0 crw-rw-rw- 1 nobody nogroup 10, 200 Jan 29 13:23 tun The same container can also be successfully booted with systemd-nspawn, also allowing openconnect to create its VPN (though systemd-nspawn appears to create a new device node, owned by root relative to the user namespace). I already tried setting security driver to "none" in /etc/libvirt/lxc.conf, but it had no effect. I get "Operation not permitted&qu...

On 7/4/19 12:49 PM, Joachim Lindenberg wrote: > * I am not (yet) familiar with LXD or nspawn. Do you have any pointer on how Samba DC works with LXD? > I've only used LXD for containerizing web applications so far.

...an easily be migrated to another physical machine too. On the other hand, on a regular fileserver, you can add/remove shares, reconfigure storage, use large storage, and generally more often interact with whole system. There's an interesting approach to running an application within a systemd-nspawn container off the system root, it fits this usage very nicely and there's no need to administer extra system. Unfortunately systemd basically stepped away from ability to spawn containers off the system root, they've added several checks which prevent this usage. Maybe there's some oth...

On 30/01/2023 13:44, Michael Tokarev via samba wrote: > After realizing that people don't realize (heh) samba DC is > not a regular fileserver, Sorry, but it is a regular fileserver (sysvol), it just works differently to a Unix domain member. > an idea come to me. > > How about building two different samba packages (on a distribution > such as debian), one being a regular