systemd-nspawn

Not_Oles (Hosting Provider, Content Writer)

Today I first heard about systemd-nspawn when andrewstuart mentioned it on HN.

Doesn't look like there has been much mention of nspawn here on LES, but there is a Debian wiki page and an Arch wiki page. There is a man page on FreeDesktop.org.

Quoting from the Arch wiki: "systemd-nspawn may be used to run a command or OS in a light-weight namespace container. . . . systemd-nspawn is a simpler tool to configure than LXC or Libvirt." Hmm, simple configuration sounds pretty good!

There seems to be an nspawn.org website, which talks about a wrapper script for easier install, and there is a GitHub repo as well.

Might a server with a bunch of nspawn containers create an easily configured Low End Empire? 💰

Does anybody here have experience using nspawn?


Comments

  • FrankZ (Moderator)

    I have never heard of this, but it sounds interesting. Time to do some reading.


  • Not_Oles (Hosting Provider, Content Writer)

    Here is what a developer of "system-level software" says about how to use systemd-nspawn to run development code while being "reasonably sure it cannot destroy or otherwise negatively affect my host system": Running a Container off the Host /usr/

  • NixOS's native container uses systemd-nspawn as underlying technology.

    I have spun up several nspawn containers and from the outside, it does not feel any different from LXC.

    I am sure there are some security concerns that may be exploited some day (you don't know what you don't know), but pretty legit for my use case.

    If time permits, I would like to convert my proxmox homelab into a NixOS hypervisor running several systemd-nspawn containers.


    The all seeing eye sees everything...

  • Not_Oles (Hosting Provider, Content Writer)

    @terrorgen said: NixOS's native container uses systemd-nspawn as underlying technology.

    Interesting! TIL!

  • @terrorgen said:
    If time permits, I would like to convert my proxmox homelab into a NixOS hypervisor running several systemd-nspawn containers.

    What's the benefit of NixOS over proxmox's KVM/LXC? I found that you can create containers for proxmox using NixOS, but I did not find any comparisons showing why it is better.

  • edited June 2023

    @somik said:
    What's the benefit of NixOS over proxmox's KVM/LXC? I found that you can create containers for proxmox using NixOS, but I did not find any comparisons showing why it is better.

    You're comparing apples to oranges. NixOS is a distribution; KVM/LXC are virtualization technologies.

    If you're talking about them being the "hypervisor OS", then the benefit is the same as if you ran NixOS in a container: you can declaratively configure the host.

    tl;dr: declarative configuration

  • @jmgcaguicla said:

    @somik said:
    What's the benefit of NixOS over proxmox's KVM/LXC? I found that you can create containers for proxmox using NixOS, but I did not find any comparisons showing why it is better.

    You're comparing apples to oranges. NixOS is a distribution; KVM/LXC are virtualization technologies.

    If you're talking about them being the "hypervisor OS", then the benefit is the same as if you ran NixOS in a container: you can declaratively configure the host.

    tl;dr: declarative configuration

    Ya, found that AFTER I posted the comment... Thanks!

    So basically Nix hypervisor OS is a "text based" container creator while proxmox is GUI based. So you can run NixOS inside proxmox KVMs, and even in docker/lxc containers... But why would I do that if I can run ubuntu/debian/alpine?

  • edited June 2023

    It gets tired after a while doing

    ssh machine[n]
    sudo apt update
    sudo apt upgrade
    

    Or any other repetitive tasks.
    NixOS allows you to have your system defined in a collection of configuration files.
    "Write once, run everywhere" at the OS level.

    Google "NixOS" and you'll have more people telling you the advantage of running NixOS better than I can.


  • There's been a bit of discussion about systemd-nspawn on the TrueNAS forum as an alternative to FreeBSD jails on TrueNAS Scale that is Linux based.

    iXsystems opted for Kubernetes as their main container orchestration on TrueNAS Scale and people are looking for some of the features from jails available on TrueNAS Core that are not easily mapped to containers.

  • Gave nspawn a try and actually got a container online with a secondary IPv4 address using the link provided by @Not_Oles (thank you). However, the link, while very good, seems to fizzle out when it comes to setting up IPv6.
    So does anyone have a guide for IPv6 nspawn container setup?
