by vaylian
458 days ago
> I often wonder, why isn't systemd-nspawn[0] used more often?

I think most people simply don't know about it. A lot of people also don't know that there are alternatives to Docker.

I use both systemd-nspawn and podman containers. They serve different purposes:

systemd-nspawn: Run a complete operating system in a container. Updates are applied in-place. The whole system is writeable. I manage this system myself. I also use the -M switch for the systemctl and journalctl commands on the host to peek into my nspawn-containers. I create the system with debootstrap.

podman: Run a stripped-down operating system or just a contained executable with some supporting files. Most of the system is read-only with some writeable volumes mounted at well-defined locations in the file system tree. I don't manage the container image myself and I have activated auto-updates via the quadlet definition file. I create the container based on an image from a public container registry.

Both solutions have their place. systemd-nspawn is a good choice if you want to create a long-lived Linux system with lots of components. podman/docker containers are a good choice if you want to containerize an application with standard requirements.

systemd-nspawn is good for pet containers. podman is good for cattle containers.