devops/sponson

Sponson is a tool to create and setup `systemd-nspawn` containers in a Docker-like way, without using Docker.

Lapwing.Org: Sponson

About

Sponson is a tool to create and setup systemd-nspawn containers in a Docker-like way, without using Docker.

Requirements

  • python3 >= 3.4
  • Linux kernel >= 4.2 with overlayfs support
  • Python3 DBUS bindings, provided by dbus-python
  • Python3 gobject bindings, provided by python3-gobject
  • systemd >= 222
  • dnsmasq
  • firewalld
  • ostree
  • lsof

If the host is Fedora 23 Workstation, run dnf install ostree lsof

For Fedora 24/25/26 Workstation, run dnf install systemd-container ostree lsof

For Fedora 23 Cloud, run dnf install firewalld dnsmasq python3-gobject ostree lsof

For Fedora 24/25/26 Cloud, run dnf install firewalld dnsmasq python3-gobject systemd-container ostree lsof

nsswitch.conf

To be able to connect with containers from the host, /etc/nsswitch.conf requires mymachines in the hosts line, for example

hosts: files dns mymachines

selinux

If selinux is installed and enabled, you will need to import a module to allow sponson to setup the firewall when bringing up a container.

sudo semodule -i {path to sponson}/selinux/sponson.pp

If the module does not import, you can build the module using

checkmodule -M -m -o {path to sponson}/selinux/sponson.mod {path to sponson}/selinux/sponson.te

semodule_package -o {path to sponson}/selinux/sponson.pp -m {path to sponson}/selinux/sponson.mod

sudo semodule -i {path to sponson}/selinux/sponson.pp

Fedora 25 also seems to have faults with machinectl accessing /var/lib/machines, so you might want to also use the provided systemdmachine.pp.

Licence

Sponson is Copyright (C) 2015-2017 Sam Black samwwwblack@lapwing.org.

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see https://www.gnu.org/licenses/.