nspawn
How to create nspawn container:
- the template has to be fairly new (systemd >= 209 inside it)
Create, start nspawn ct:
- download a precreated template and unpack it to /var/lib/machines/<ct name>
- machinectl start <ct name>
- machinectl (or machinectl list) shows running cts; machinectl login <ct name> enters the container
Login and logout nspawn ct:
- login: machinectl login <ct name>
- logout: press ctrl + ] three times within 1 s (ctrl + ]]])
How to enable CT starting after boot:
- systemctl enable machines.target
- systemctl enable systemd-nspawn@<containername>.service
When a particular CT needs different settings, edit its own unit instance and override the defaults:
- systemctl edit systemd-nspawn@antispam.service
How to override the system service
The default systemd-nspawn@.service shipped with systemd is not enough for us. To override the service, run "systemctl edit systemd-nspawn@.service" and reset and redefine the appropriate lines like:
    [Service]
    ExecStart=
    ExecStart=/usr/bin/systemd-nspawn --quiet --keep-unit --boot --link-journal=try-guest --machine=%I
Use the same procedure to adjust a particular nspawn, e.g. to add the CAP_NET_ADMIN capability to just one container: "systemctl edit systemd-nspawn@openport.service":
    [Service]
    ExecStart=
    ExecStart=/usr/bin/systemd-nspawn --quiet --keep-unit --boot --link-journal=try-guest --capability=CAP_NET_ADMIN --machine=%I
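The two overrides above are written interactively with "systemctl edit", which creates a drop-in file under /etc/systemd/system/systemd-nspawn@<ct name>.service.d/. As an added example (not part of the original notes), the script below writes the same drop-in from a script so the per-container capability grant is repeatable, and then audits all per-container drop-ins to show which containers were given extra capabilities. Container names "openport" and "antispam" come from the notes; the function names and the UNIT_DIR variable (which lets the functions be pointed at a scratch directory instead of /etc/systemd/system) are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original notes.
# UNIT_DIR is an assumption of this example: it defaults to the real unit
# directory but can be pointed at a scratch directory for testing.

# write_nspawn_override <ct name> [capabilities]
# Creates <UNIT_DIR>/systemd-nspawn@<ct name>.service.d/override.conf,
# granting the listed capabilities (e.g. CAP_NET_ADMIN) only to that container.
# Prints the path of the file written.
write_nspawn_override() {
    ct="$1"
    caps="${2:-}"
    unit_dir="${UNIT_DIR:-/etc/systemd/system}"
    dropin_dir="$unit_dir/systemd-nspawn@$ct.service.d"
    mkdir -p "$dropin_dir"

    cap_arg=""
    if [ -n "$caps" ]; then
        cap_arg=" --capability=$caps"
    fi

    # The empty "ExecStart=" line clears the command inherited from the
    # template unit: a service that is not Type=oneshot may carry only one
    # ExecStart, so redefining without resetting makes the unit fail to load.
    cat > "$dropin_dir/override.conf" <<EOF
[Service]
ExecStart=
ExecStart=/usr/bin/systemd-nspawn --quiet --keep-unit --boot --link-journal=try-guest${cap_arg} --machine=%I
EOF
    printf '%s\n' "$dropin_dir/override.conf"
}

# audit_nspawn_capabilities
# Prints "<ct name> <capabilities>" for every per-container drop-in under
# UNIT_DIR, with "-" when the override grants no extra capability. Handy for
# checking that only the containers that need CAP_NET_ADMIN actually have it.
audit_nspawn_capabilities() {
    unit_dir="${UNIT_DIR:-/etc/systemd/system}"
    for d in "$unit_dir"/systemd-nspawn@*.service.d; do
        [ -d "$d" ] || continue
        name=${d##*/systemd-nspawn@}
        name=${name%.service.d}
        # Last --capability= on the effective ExecStart line wins.
        caps=$(grep -ho -- '--capability=[^ ]*' "$d"/*.conf 2>/dev/null | tail -n 1 | cut -d= -f2)
        printf '%s %s\n' "$name" "${caps:--}"
    done
}
```

Typical use on the host would be `write_nspawn_override openport CAP_NET_ADMIN` followed by `systemctl daemon-reload`, then `audit_nspawn_capabilities` to review the result; the template unit systemd-nspawn@.service itself is left untouched, so the capability is scoped to the one instance.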
Known problems
- cannot start new container: the machine-id has to be created: systemd-machine-id-setup --root=/var/lib/machines/<container_name>; or use the next procedure (ugly):
- failed first start: if the template has problems on its first start, try running the ct by hand: "systemd-nspawn --capability=CAP_NET_ADMIN -bD /var/lib/machines/netserv/". Terminate the container with ctrl + ] pressed three times. The second and subsequent starts should be OK.
- cannot login: edit /etc/securetty and append "pts/0" to the end of the file; otherwise logging in to the container will not be possible.
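Both the "cannot start" and "cannot login" problems are visible in the template directory before the first start. As an added example (not part of the original notes), the check below inspects an unpacked template under /var/lib/machines/<ct name> for the conditions the notes describe: an init binary for --boot, a non-empty /etc/machine-id, and pts/0 present in /etc/securetty when that file exists. It only reads the template; the function name and the message texts are assumptions of this example, and the remedies it points to are the ones given above.

```shell
#!/bin/sh
# Added example, not from the original notes: preflight checks for an
# nspawn template directory (e.g. /var/lib/machines/<ct name>).

# check_nspawn_template <rootfs dir>
# Prints one line per finding; returns 0 only when every check passed.
check_nspawn_template() {
    root="$1"
    rc=0

    # systemd-nspawn --boot needs systemd as init inside the template
    # (the notes require systemd >= 209 in the template).
    if [ ! -x "$root/usr/lib/systemd/systemd" ] && [ ! -x "$root/lib/systemd/systemd" ]; then
        echo "FAIL: no systemd binary in template (needs systemd >= 209)"
        rc=1
    fi

    # A missing or empty machine-id is the "cannot start new container" case.
    # Remedy from the notes: systemd-machine-id-setup --root=<rootfs dir>
    if [ ! -s "$root/etc/machine-id" ]; then
        echo "FAIL: /etc/machine-id missing or empty"
        rc=1
    fi

    # pam_securetty refuses root logins on terminals not listed in
    # /etc/securetty; the container console appears as pts/0, which is why
    # the notes append that line. A template without securetty is fine.
    if [ -f "$root/etc/securetty" ] && ! grep -qx 'pts/0' "$root/etc/securetty"; then
        echo "FAIL: /etc/securetty present but lacks pts/0"
        rc=1
    fi

    [ "$rc" -eq 0 ] && echo "OK: template looks ready for machinectl start"
    return "$rc"
}
```

Run it as `check_nspawn_template /var/lib/machines/<ct name>` right after unpacking a template; a non-zero exit means one of the known problems above will bite on the first start or login.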
Useful commands:
- systemctl list-machines
- ps -eo pid,machine,args - lists processes with the machine each belongs to
- systemctl start|stop machines.target - starts or stops all machines together
- systemctl start|stop systemd-nspawn@<machine name> - starts or stops a particular machine