Running containers and Operating System images with systemd-nspawn
2019-05-04, 12:00–12:50, Room A

In this talk, I'll discuss systemd-nspawn and machinectl, two tools in the systemd suite for container management. We'll discuss the tools themselves, the differences between them and other container solutions and how to manage systems that use these containers.


According to its manpage, systemd-nspawn "may be used to run a command or OS in a light-weight namespace container. In many ways it is similar to chroot(1), but more powerful since it fully virtualizes the file system hierarchy, as well as the process tree, the various IPC subsystems and the host and domain name."

In this talk, I'll go over what all of this means, how to use systemd-nspawn and how nspawn differs from Docker, LXC/LXD and qemu-kvm.

After that, I'll discuss how to use the systemd-nspawn and machinectl commands, how to run services inside containers and how to introspect the containers.

After this, I'll quickly touch on a related project called mkosi ("make operating system image") that can be used to create images for containers and virtual machines in one go.

Basic knowledge of systemd service management and containers is recommended for attending this talk.

See also: slides

Educated as a Systems and Network Engineer and having dabbled with DevOps-y things for years, Pieter's official title now is "Senior PowerDNS Engineer". As such, he works on the PowerDNS source code, the build/CI/packaging pipeline and running the infrastructure around the PowerDNS open source project. He is also involved in the broader DNS operations and standards communities to make the Internet a better place.