systemd-nspawn container portability

Cody Learner · 2018-04-28 16:41:49

I've been investigating containers for testing scripts. Many options available! Started out with docker and played around with it for a few days. Although It does what I want, it's feature set goes way beyond my needs, and it seems somewhat cumbersome to work with.

This morning I went back to the to the Arch wiki, and tried systemd-nspawn. Within a few min, I had a system up and running, and have direct access to it's file system, etc from the host. This seems simply awesome for my needs.

My question is how portable is it? Any reason I couldn't tar the container filesystem to use/share on another Arch system? Share on github?

So stoked with this, I've not tried yet.

Slithery · 2018-04-28 17:06:17

It should work on any Linux with a modern systemd installed.

Remember it's possible to get a smaller image by not installing everything in base...
https://bbs.archlinux.org/viewtopic.php … 4#p1512824

Cody Learner · 2018-04-28 18:18:26

Thanks for info Slithery. I'll have to try your one liner.

I left out the kernel, linux-firmware, etc per the wiki, 'pacstrap --ignore linux'.

I was so stoked, I literally posted minutes after getting the container up, and still figuring things out. This seems is so much more straight forward than docker and a much better fit for for my use. If only would have started with this...

I'll play around with this today, see how much I can minimize the size, etc.

I discovered with docker, unless you build a new image as per what you need, the image can end up huge. I used the Arch base image to build upon, adding and deleting stuff along the way, only to discover due to the "snapshot " nature of how it works, deleting stuff from the container does not translate directly to reducing image size. Even with deleting everything possible, exporting, importing, etc ended up with large image.

Since posting, found machinectl. Seems it has a built in feature of what I was asking about doing manually, ie: 'export-tar'.

$ machinectl 
bind             copy-from        export-raw       import-tar       list-transfers   pull-tar         rename           show-image       terminate
cancel-transfer  copy-to          export-tar       kill             login            read-only        set-limit        start            
clean            disable          image-status     list             poweroff         reboot           shell            status           
clone            enable           import-raw       list-images      pull-raw         remove           show             stop

EDIT: add Slithery one liner script results:

[cody@Container ~]$ slithery

Number of installed packages: 135
# Packages in base group that aren't installed
linux
linux-firmware
mkinitcpio
mkinitcpio-busybox

# Packages installed that aren't in base group
dnssec-anchors
ldns
libedit
openssh
sudo

# pstree
systemd─┬─dbus-daemon
        ├─login───bash───su───bash───su───bash───slitherly───pstree
        ├─lvmetad
        ├─systemd───(sd-pam)
        ├─systemd-journal
        └─systemd-logind

# enabled services
autovt@.service                        enabled        
console-getty.service                  enabled-runtime
getty@.service                         enabled        

# ssd df
Filesystem      Size  Used Avail Use% Mounted on
/dev/sda7       517G  206G  285G  43% /

# free
              total        used        free      shared  buff/cache   available
Mem:           7979        2568         678         210        4732        5530
Swap:          7170           1        7169

EDIT: add info

Not able to get it below github 100MB max size limit!

# du -smc *
141	arch-test2.tar.gz
470	container1
611	total

$ slithery

Number of installed packages: 122
# Packages in base group that aren't installed
gettext
groff
jfsutils
libpipeline
linux
linux-firmware
man-db
man-pages
mkinitcpio
mkinitcpio-busybox
netctl
openresolv
pcmciautils
reiserfsprogs
s-nail
texinfo
vi
xfsprogs

# Packages installed that aren't in base group
dnssec-anchors
expac
ldns
libedit
openssh
sudo

$ expac -H M '%m\t%n' | sort -hr | head -n 60 | column -t -R1
91.94  MiB  gcc-libs
52.00  MiB  perl
41.25  MiB  glibc
18.55  MiB  systemd
13.88  MiB  glib2
13.79  MiB  coreutils
10.64  MiB  util-linux
 9.38  MiB  gnupg
 7.82  MiB  sqlite
 7.17  MiB  bash
 6.50  MiB  lvm2
 6.43  MiB  db
 6.36  MiB  openssl
 5.56  MiB  gnutls
 4.91  MiB  file
 4.89  MiB  openssh
 4.49  MiB  pacman
 4.39  MiB  krb5
 4.33  MiB  e2fsprogs
 4.07  MiB  linux-api-headers
 3.85  MiB  iana-etc
 3.61  MiB  p11-kit
 3.56  MiB  ncurses
 3.47  MiB  pcre2
 3.46  MiB  shadow
 3.39  MiB  pcre
 2.73  MiB  sudo
 2.70  MiB  kbd
 2.61  MiB  tar
 2.60  MiB  pam
 2.47  MiB  gawk
 2.26  MiB  nano
 2.25  MiB  libunistring
 2.14  MiB  iproute2
 2.05  MiB  libelf
 1.83  MiB  libsecret
 1.82  MiB  tzdata
 1.79  MiB  iptables
 1.78  MiB  ldns
 1.65  MiB  libnl
 1.60  MiB  hwids
 1.54  MiB  findutils
 1.53  MiB  curl
 1.51  MiB  cryptsetup
 1.45  MiB  libsystemd
 1.35  MiB  thin-provisioning-tools
 1.34  MiB  libgcrypt
 1.28  MiB  libutil-linux
 1.27  MiB  procps-ng
 1.22  MiB  diffutils
 1.13  MiB  gpgme
 1.12  MiB  mdadm
 1.04  MiB  inetutils
 1.03  MiB  libgpg-error
 1.00  MiB  libarchive
 0.92  MiB  gmp
 0.92  MiB  ca-certificates-mozilla
 0.91  MiB  dbus
 0.90  MiB  archlinux-keyring
 0.88  MiB  libldap

Last edited by Cody Learner (2018-04-28 22:00:15)

Arch Linux

#1 2018-04-28 16:41:49

systemd-nspawn container portability

#2 2018-04-28 17:06:17

Re: systemd-nspawn container portability

#3 2018-04-28 18:18:26

Re: systemd-nspawn container portability

Board footer