I have a variety of containers that I would like to spin up on a host, and have them immediately get an IP from my DHCP server, just as my bare metal devices do (phone, laptop, NAS, etc)
I would like to be able to destroy these containers at will without a lot of cruft (bridges, VLANS, etc) leftover on my host system.
what are some simple spinup.sh and teardown.sh commands I could use in that workflow? Or maybe everything could be neatly contained in /etc/systemd/nspawn/container-x.nspawn?
Note: I am specifically looking for a non-docker solution. Something that is only reliant on systemd
The networking is actually surprisingly easy. By default (at least with the versions that I've used), the container will use the host's network interfaces. There are many ways of doing this, but the following recipe to set up a container to run a VNC client using
systemd-nspawn(on a console only host) should provide a good basis for further experimentation:-The host will need the following packages to be installed:
debootstrap,systemd-container,sway,xwayland(xwaylandis only required becausetigervnc-vieweris not a native Wayland app).To create the container:
Then set up the container. Get a root prompt with:
Then add a non-root user (e.g. 'theuser'):
Finally, enable basic networking in the container, and exit it:
Some config for the container is required. Create the file
/etc/systemd/nspawn/vncviewer.nspawnwith this content :To run the container:
To stop it, you can either kill the
systemd-nspawnprocess, or (IIRC)machinectl poweroff vncviewerTo completely remove it, you can just delete
/var/lib/machines/vncviewerand/etc/systemd/nspawn/vncviewer.nspawn.