siren is a tiny and really fast (<3 overlayfs) tool for building OS containers for use with systemd-nspawn and machinectl.
It contains a subproject called imagectl - used for managing images.
- Seamless integration with systemd
- machinectl start/stop and all other machine commands (but NOT image / image transfer commands)
- systemctl start/stop/... systemd-nspawn@...service
- Without any changes in machined and systemd-nspawn@.service.
- Layered images (using overlayfs)
- Instant creation of new images using existing ones as a base
- Tagging
- Dockerfile-like syntax for Sirenfiles.
- Automatic pulling and building of base images from git repositories.
Sirenfiles are text documents containing all the commands necessary for building an image. They are quite similar to Dockerfiles.
ID http.python 2016.03.09
FROM arch-2016.03.09 git+https://github.com/LEW21/sirenfiles.git#arch
RUN pacman -S --noconfirm python-pip python-crypto
RUN pip install gunicorn
RUN mkdir /app
COPY wsgi.py /app
ENABLE http.socket
ENABLE http.service
You can find multiple ready to use Sirenfiles at LEW21/sirenfiles.
Usage: siren COMMAND [arg...]
siren [ -h | --help | -v | --version ]
Image builder for systemd-machined.
Siren Commands:
build DIR_PATH [TAG] Build an image from a Sirenfile
pull URI [TAG] Pull and build an image from a git repostory
Image Commands:
new, create NAME [BASE_NAME] Create a new image
tag TAG NAME Create an alias for the image
ro, set-read-only NAME [BOOL] Mark or unmark image read-only
set-ready NAME [BOOL] Assemble or disassemble layered image
rm, remove NAME... Remove an image
ls, list Show available container and VM images
machinectl (list-images, read-only) and docker (images) image management command names are also supported.
$ mkdir siren-build
$ GOPATH=`pwd`/siren-build go get github.com/LEW21/siren
Siren will be compiled as a single static binary called siren
, saved in the siren-build/bin/
directory. You can copy it wherever you want.
MIT license.
- Linux 4.0
- systemd 220
- NO btrfs on /var/lib/image-layers (Non-empty directory removal is bugged on overlayfs over btrfs. Use a good fs instead - eg. ext4.)
- sysctl net.ipv4.ip_forward=1 (I don't know if it's always required, but on my local PC containers can't access internet without it)
This is a rewrite of siren-sh.