On Sat, Jan 30, 2021 at 4:57 PM Gordon Messmer <gordon.messmer at gmail.com> wrote: > On 1/30/21 1:00 PM, Gena Makhomed wrote: > > I can't use CentOS Stream - it is beta quality and has critical bugs. > > For example: https://bugzilla.redhat.com/show_bug.cgi?id=1913806 > > > As far as I can tell: > > systemd-nspawn is defaulting to a private user namespace, but no private > network namespace, and that combination is not supported. If you > configure a private network namespace, does that nspawn container start > properly? > > > https://www.freedesktop.org/software/systemd/man/systemd.nspawn.html#%5BNetwork%5D%20Section%20Options > > I'm inferring some of this, so if you've already got private network > namespace configured, that's probably not the cause. > I'm not sure we've ever really looked at systemd-nspawn from a subscription service point of view. For Docker and Podman, we've always viewed those containers as just processes running on the system (this is a notable difference from how VMs are viewed). Containers inherit access to subscription services via the host they're on. That's why UBI should see additional content available when it's running on a RHEL system as opposed to something like CentOS or Ubuntu. The problem wouldn't be running systemd-nspawn content. The problem would be getting the content into the container you're building though honestly I've never used nspawn and I'm not even sure what storage format it uses. -Mike -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20210130/7d1f0216/attachment-0005.html>