The Guix System provides a wide array of interconnected system services that are configured declaratively to form a dependable stateless GNU System foundation for whatever tasks you throw at it. Even when using Guix on a foreign distribution you can benefit from the design of Guix System by running a system instance as a container. Using the same kernel features of unshared namespaces mentioned in the previous section, the resulting Guix System instance is isolated from the host system and only shares file system locations that you explicitly declare.
A Guix System container differs from the shell process created by guix shell --container in a number of important ways. While in a container shell the containerized process is a Bash shell process, a Guix System container runs the Shepherd as PID 1. In a system container all system services (see Services in GNU Guix Reference Manual) are set up just as they would be on a Guix System in a virtual machine or on bare metal—this includes daemons managed by the GNU Shepherd (see Shepherd Services in GNU Guix Reference Manual) as well as other kinds of extensions to the operating system (see Service Composition in GNU Guix Reference Manual).
The perceived increase in complexity of running a Guix System container is easily justified when dealing with more complex applications that have higher or just more rigid requirements on their execution contexts—configuration files, dedicated user accounts, directories for caches or log files, etc. In Guix System the demands of this kind of software are satisfied through the deployment of system services.
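As an added illustration (not part of the original text), here is a minimal operating-system declaration that can be run as a system container, together with the guix system container invocation that launches it; the host name, the user name, the host paths passed to --share and --expose and the choice of PostgreSQL as the service are all assumed for the example.

```scheme
;; container.scm -- added example; host name, user and paths are assumed.
(use-modules (gnu))
(use-package-modules databases)
(use-service-modules databases)

(operating-system
  (host-name "db-container")
  (timezone "Europe/Berlin")

  ;; The operating-system record requires a bootloader and a root file
  ;; system, but neither is used when the system runs as a container:
  ;; the container reuses the host kernel and gets its root from the store.
  (bootloader (bootloader-configuration
               (bootloader grub-bootloader)
               (targets '("/dev/null"))))
  (file-systems (cons (file-system
                        (device (file-system-label "does-not-matter"))
                        (mount-point "/")
                        (type "ext4"))
                      %base-file-systems))

  ;; An unprivileged account for logging into the container (assumed name).
  (users (cons (user-account
                (name "alice")
                (group "users"))
               %base-user-accounts))

  ;; The service brings its own daemon, dedicated user account, data and
  ;; log directories; the Shepherd, PID 1 inside the container, starts it.
  (services (cons (service postgresql-service-type
                           (postgresql-configuration
                            (postgresql postgresql-14)))
                  %base-services)))

;; Build the launcher script and run it; the script must run as root
;; because it creates the namespaces.  Only the host locations named with
;; --share (writable) and --expose (read-only) are visible inside the
;; container; the rest of the host file system stays hidden.  The host
;; paths below are assumed values for this example.
;;
;;   sudo $(guix system container container.scm \
;;           --share=$HOME/.local/share/db-container:/var/lib/postgresql \
;;           --expose=$HOME/sql-init:/srv/init)
;;
;; Without --network the container gets an isolated network namespace;
;; pass --network only when the service must be reachable from the host.
```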