So systemd has its own containery thing. Now how do you use it?
Give it a root filesystem and launch it with
Some settings can be set in
but there are caveats that make it less than useful.
machinectl claims to abstract over the lower level
but all it really does is launch the machines using the
This service just calls
systemd-nspawn and allows settings files to override it.
systemd-nspawn determines the
.nspawn file to use based on the machine name:
This is a problem if you want to use ephemeral containers:
presumably you're launching a lot of them with different names,
so now you need a
.nspawn file per launch (which you also need to clean up...).
Even though it claims settings will derive the name from the directory base name,
it doesn't seem to happen.
So your best bet is probably to write your own templated
systemd-nspawn unit and use flags to run multiple instances of a container.
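A sketch of such a template unit, added here as an example and not taken from the original post or from systemd's shipped units. The unit name `ephemeral-nspawn@.service` and the image path `/var/lib/machines/base` are assumptions; every setting is passed as a flag, so no per-instance .nspawn file is created or left behind.

```ini
# /etc/systemd/system/ephemeral-nspawn@.service  (hypothetical unit name)
# Assumption: a bootable root filesystem lives at /var/lib/machines/base.
[Unit]
Description=Ephemeral container %i from a shared base image

[Service]
# --ephemeral     run on a temporary snapshot of the image, removed on exit
# --machine=%i    name each instance after the template instance string
# --settings=no   never read a %i.nspawn file; flags are the only settings
# --network-veth  creates the veth pair; addressing is still up to the guest
# --keep-unit     stay in this service unit instead of a transient scope
ExecStart=/usr/bin/systemd-nspawn --quiet --keep-unit --boot --ephemeral \
    --directory=/var/lib/machines/base --machine=%i \
    --settings=no --network-veth
Type=notify
KillMode=mixed
Slice=machine.slice
Delegate=yes

[Install]
WantedBy=machines.target
```

Each `systemctl start ephemeral-nspawn@NAME.service` then runs an independent throwaway copy of the base image named NAME, and stopping the unit discards it.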
While you may get a veth pair, it's only L2,
so you probably still want to run an init system + something else that will handle DHCP for you.
This unfortunately makes the
--as-pid2 much less useful.
arch-nspawn login: root
Login incorrect
But you're sure you typed in the correct passwd.
The Archwiki suggests
that you remove the
/etc/securetty config (and associated factory setup).
which I found to be much more successful at letting me log in.