10
Linux Containers Forks LXD Project As "Incus"
(www.phoronix.com)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 09 Aug 2023
10 points (91.7% liked)
Technology
58133 readers
4486 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
Does anyone actually use LXD? I never could figure out the deal with this.
I used to use LXC maybe 5 years ago but I've since replaced everything with docker/compose. The main difference between LXC and Docker is that LXC is meant to be more like a Virtual Machine than a container. LXC containers run their own instance of systemd and can run multiple processes easily. Docker is meant to run a single process although people sometimes do hacks with supervisord or s6 overlay to run multiple processes.
At the time LXC didn't really have a concept of images like Docker, it was just base images like Ubuntu 18.04 or Debian 9 and you'd shell in the container and install your stuff.
LXD is a tool built on top of LXC, confusingly enough the LXD client is called
lxc... It's higher level and might have the ability to use images, not sure, I never felt the need to learn it.I've always used lxc and only recently tried docker.
I really cant wrap my head around all the crazy shit docker alters on your network settings like rewriting a bunch of firewall rules without telling you
Not sure if i was doing something wrong but that was my experience with docker
Docker is spaghetti-ware, they try to control everything, which ironically makes me Isolate my dockers in a vm.
Ok, i'm glad my solution to the problem (run docker in an lxc container) isn't as harebrained as i thought
Other people are doing the same
Haven't done that, but honestly I'm thinking that's my next workflow.
That is kind of the expected setup. Either a vm or a dedicated system. You let docker do its thing and it should work.
I run lxc because i want contained systems I control. That just means I have to do the work too.
Same, I love lxc like I love jails, you craft beautiful systems that are isolated and clean.
I wouldn't make a disposable jail, but I make disposable lxcs, lxcs are like temporary distros for me.
There are scripts for making a jail around single apps but yeah I typically don't use them that way. Lxc I very often install an app I want to test out and toss once I want to dedicate compile time to it.
Yeah, I'd want a jail dockerfile system too, I just usually do them manually. Still, a way to run dockerfiles to build jails would be epic if you could make it work.
I used gentoo for a decade, I just can't afford the downtime if my workstation goes down, so it's debian with lxc workspaces for a while, but gentoo actually runs well under lxc.
Mostly every app expects its own distro, either debian or centos, few actually are agnostic, so getting them to run on gentoo was always more of a challenge than on raw debian/Ubuntu.
I'm actually the opposite. Run gentoo as my host and toss up a debian lxc if needed. Worst case scenario im running just the kernel and everything else from a container (actually how i typically run when rebuilding a system from start).
I've never run into a situation where an app "couldn't" run in Gentoo. It's just that I've had cases where an app is build for a 8 year old LTS of debian with such old dependencies it wouldn't be worth my time building them all when i can just pull up a container with that super old build. The nice thing is that all the vulnerabilities that old Debian had is now in a container and less of a target.
I swear i must be lucky cuz i do often hear of gentpo fatigue but I've been running it since the project started and never had issues outside the things they legitimately broke.