picnoir/Systemd
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

man: document nspawn's new --volatile=overlay switch

Browse source
This commit is contained in:
Lennart Poettering 2018-12-21 21:45:46 +01:00
parent adc6f43b14
commit b23f16283d
1 changed files with 71 additions and 44 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

115
man/systemd-nspawn.xml
View file

@ -167,9 +167,9 @@
template path refers to the root of a <literal>btrfs</literal> subvolume, in which case a simple copy-on-write template path refers to the root of a <literal>btrfs</literal> subvolume, in which case a simple copy-on-write
snapshot is taken, and populating the root directory is instant. If the specified template path does not refer snapshot is taken, and populating the root directory is instant. If the specified template path does not refer
to the root of a <literal>btrfs</literal> subvolume (or not even to a <literal>btrfs</literal> file system at to the root of a <literal>btrfs</literal> subvolume (or not even to a <literal>btrfs</literal> file system at
all), the tree is copied (though possibly in a copy-on-write scheme — if the file system supports that), which all), the tree is copied (though possibly in a 'reflink' copy-on-write scheme — if the file system supports
can be substantially more time-consuming. May not be specified together with <option>--image=</option> or that), which can be substantially more time-consuming. May not be specified together with
<option>--ephemeral</option>.</para> <option>--image=</option> or <option>--ephemeral</option>.</para>
<para>Note that this switch leaves host name, machine ID and <para>Note that this switch leaves host name, machine ID and
all other settings that could identify the instance all other settings that could identify the instance
@ -183,9 +183,16 @@
<listitem><para>If specified, the container is run with a temporary snapshot of its file system that is removed <listitem><para>If specified, the container is run with a temporary snapshot of its file system that is removed
immediately when the container terminates. May not be specified together with immediately when the container terminates. May not be specified together with
<option>--template=</option>.</para> <option>--template=</option>.</para>
<para>Note that this switch leaves host name, machine ID and <para>Note that this switch leaves host name, machine ID and all other settings that could identify the
all other settings that could identify the instance instance unmodified. Please note that — as with <option>--template=</option> — taking the temporary snapshot is
unmodified.</para></listitem> more efficient on file systems that support subvolume snapshots or 'reflinks' naively (<literal>btrfs</literal>
or new <literal>xfs</literal>) than on more traditional file systems that do not
(<literal>ext4</literal>).</para>
<para>With this option no modifications of the container image are retained. Use
<option>--volatile=</option> (described below) for other mechanisms to restrict persistency of
container images during runtime.</para>
</listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
@ -899,8 +906,12 @@
<varlistentry> <varlistentry>
<term><option>--read-only</option></term> <term><option>--read-only</option></term>
<listitem><para>Mount the root file system read-only for the <listitem><para>Mount the container's root file system (and any other file systems container in the container
container.</para></listitem> image) read-only. This has no effect on additional mounts made with <option>--bind=</option>,
<option>--tmpfs=</option> and similar options. This mode is implied if the container image file or directory is
marked read-only itself. It is also implied if <option>--volatile=</option> is used. In this case the container
image on disk is strictly read-only, while changes are permitted but kept non-persistently in memory only. For
further details, see below.</para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
@ -931,20 +942,16 @@
<varlistentry> <varlistentry>
<term><option>--tmpfs=</option></term> <term><option>--tmpfs=</option></term>
<listitem><para>Mount a tmpfs file system into the container. <listitem><para>Mount a tmpfs file system into the container. Takes a single absolute path argument that
Takes a single absolute path argument that specifies where to specifies where to mount the tmpfs instance to (in which case the directory access mode will be chosen as 0755,
mount the tmpfs instance to (in which case the directory owned by root/root), or optionally a colon-separated pair of path and mount option string that is used for
access mode will be chosen as 0755, owned by root/root), or mounting (in which case the kernel default for access mode and owner will be chosen, unless otherwise
optionally a colon-separated pair of path and mount option specified). Backslash escapes are interpreted in the path, so <literal>\:</literal> may be used to embed colons
string that is used for mounting (in which case the kernel in the path.</para>
default for access mode and owner will be chosen, unless
otherwise specified). This option is particularly useful for <para>Note that this option cannot be used to replace the root file system of the container with a temporary
mounting directories such as <filename>/var</filename> as file system. However, the <option>--volatile=</option> option described below provides similar
tmpfs, to allow state-less systems, in particular when functionality, with a focus on implementing stateless operating system images.</para></listitem>
combined with <option>--read-only</option>.
Backslash escapes are interpreted in the path, so
<literal>\:</literal> may be used to embed colons in the path.
</para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
@ -1002,7 +1009,11 @@
be on the same file system as the top-most directory be on the same file system as the top-most directory
tree). Also note that the <literal>lowerdir=</literal> mount tree). Also note that the <literal>lowerdir=</literal> mount
option receives the paths to stack in the opposite order of option receives the paths to stack in the opposite order of
this switch.</para></listitem> this switch.</para>
<para>Note that this option cannot be used to replace the root file system of the container with an overlay
file system. However, the <option>--volatile=</option> option described below provides similar functionality,
with a focus on implementing stateless operating system images.</para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
@ -1074,33 +1085,49 @@
<term><option>--volatile</option></term> <term><option>--volatile</option></term>
<term><option>--volatile=</option><replaceable>MODE</replaceable></term> <term><option>--volatile=</option><replaceable>MODE</replaceable></term>
<listitem><para>Boots the container in volatile mode. When no <listitem><para>Boots the container in volatile mode. When no mode parameter is passed or when mode is
mode parameter is passed or when mode is specified as specified as <option>yes</option>, full volatile mode is enabled. This means the root directory is mounted as a
<option>yes</option>, full volatile mode is enabled. This mostly unpopulated <literal>tmpfs</literal> instance, and <filename>/usr/</filename> from the OS tree is
means the root directory is mounted as a mostly unpopulated mounted into it in read-only mode (the system thus starts up with read-only OS image, but pristine state and
<literal>tmpfs</literal> instance, and configuration, any changes are lost on shutdown). When the mode parameter is specified as
<filename>/usr</filename> from the OS tree is mounted into it <option>state</option>, the OS tree is mounted read-only, but <filename>/var/</filename> is mounted as a
in read-only mode (the system thus starts up with read-only OS writable <literal>tmpfs</literal> instance into it (the system thus starts up with read-only OS resources and
image, but pristine state and configuration, any changes configuration, but pristine state, and any changes to the latter are lost on shutdown). When the mode parameter
are lost on shutdown). When the mode parameter is specified as <option>overlay</option> the read-only root file system is combined with a writable
is specified as <option>state</option>, the OS tree is <filename>tmpfs</filename> instance through <literal>overlayfs</literal>, so that it appears at it normally
mounted read-only, but <filename>/var</filename> is mounted as would, but any changes are applied to the temporary file system only and lost when the container is
a <literal>tmpfs</literal> instance into it (the system thus terminated. When the mode parameter is specified as <option>no</option> (the default), the whole OS tree is
starts up with read-only OS resources and configuration, but made available writable (unless <option>--read-only</option> is specified, see above).</para>
pristine state, and any changes to the latter are lost on
shutdown). When the mode parameter is specified as <para>Note that if one of the volatile modes is chosen, its effect is limited to the root file system (or
<option>no</option> (the default), the whole OS tree is made <filename>/var/</filename> in case of <option>state</option>), and any other mounts placed in the hierarchy are
available writable.</para> unaffected — regardless if they are established automatically (e.g. the EFI system partition that might be
mounted to <filename>/efi/</filename> or <filename>/boot/</filename>) or explicitly (e.g. through an additional
command line option such as <option>--bind=</option>, see above). This means, even if
<option>--volatile=overlay</option> is used changes to <filename>/efi/</filename> or
<filename>/boot/</filename> are prohibited in case such a partition exists in the container image operated on,
and even if <option>--volatile=state</option> is used the hypothetical file <filename>/etc/foobar</filename> is
potentially writable if <option>--bind=/etc/foobar</option> if used to mount it from outside the read-only
container <filename>/etc</filename> directory.</para>
<para>The <option>--ephemeral</option> option is closely related to this setting, and provides similar
behaviour by making a temporary, ephemeral copy of the whole OS image and executing that. For further details,
see above.</para>
<para>The <option>--tmpfs=</option> and <option>--overlay=</option> options provide similar functionality, but
for specific sub-directories of the OS image only. For details, see above.</para>
<para>This option provides similar functionality for containers as the <literal>systemd.volatile=</literal> <para>This option provides similar functionality for containers as the <literal>systemd.volatile=</literal>
kernel command line switch provides for host systems. See kernel command line switch provides for host systems. See
<citerefentry><refentrytitle>kernel-command-line</refentrytitle><manvolnum>7</manvolnum></citerefentry> for <citerefentry><refentrytitle>kernel-command-line</refentrytitle><manvolnum>7</manvolnum></citerefentry> for
details.</para> details.</para>
<para>Note that enabling this setting will only work correctly with operating systems in the container that can <para>Note that setting this option to <option>yes</option> or <option>state</option> will only work correctly
boot up with only <filename>/usr</filename> mounted, and are able to automatically populate with operating systems in the container that can boot up with only <filename>/usr</filename> mounted, and are
<filename>/var</filename>, and also <filename>/etc</filename> in case of able to automatically populate <filename>/var</filename>, and also <filename>/etc</filename> in case of
<literal>--volatile=yes</literal>.</para></listitem> <literal>--volatile=yes</literal>. The <option>overlay</option> option does not require any particular
preparations in the OS, but do note that <literal>overlayfs</literal> behaviour differs from regular file
systems in a number of ways, and hence compatibility is limited.</para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>