LXC containers in practical use on the desktop
|
Conclusion
The rapid development of Docker in the past 18 months has put LXC containers into the spotlight. Before that, LXC was a little-noticed tool. LXC got a noticeable development push thanks to the fact that Docker became easily available to end users. Users who only occasionally start VirtualBox or KVM to manage a distribution are likely to shy away from using LXC. If you manage several images simultaneously, however, you will notice that LXC handles hardware resources much more economically than a full virtual machine. You can also use LXC as a sandbox for untrusted applications running independently of the host system.
Containers are often deemed insecure, and hypervisors still have an advantage in this respect. Many specialists are currently applying themselves to the task of securing containers. Daniel J. Walsh of Red Hat has discussed this topic in length.
Those working in safety-critical environments can run many LXC containers in a virtual machine, which unfortunately can somewhat increase the network structure's complexity. However, with kernel 3.12 and the use of kernel namespaces, containers with LXC 1.0 can be started under users other than root, thereby preventing changes in the host through the container.
It's difficult to ascertain whether the use of containers will move further into the end user realm. This would require the setup to be made a bit easier. Meanwhile, VirtualBox and KVM have their own setup hurdles. KVM users should have no problem with LXC. Another new player in the field is systemd-nspawn [15], which presumably might remain an enhanced replacement for chroot, but not without more of a manual effort in virtualizing operating systems.
Infos
- DKMS: http://en.wikipedia.org/wiki/Dynamic_Kernel_Module_Support
- LXC: https://de.wikipedia.org/wiki/LXC
- Docker: http://en.wikipedia.org/wiki/Docker_(software)
- FreeBSD Jail: http://en.wikipedia.org/wiki/FreeBSD_jail
- Solaris Zones: http://en.wikipedia.org/wiki/Solaris_Containers
- Chroot: http://en.wikipedia.org/wiki/Chroot
- Incompatibility with systemd: https://wiki.debian.org/LXC#Incompatibility_with_systemd
- Debootstrap: https://wiki.debian.org/Debootstrap
- Manual container instructions: https://www.stgraber.org/2014/02/09/lxc-1-0-gui-in-containers/
- Xpra: http://en.wikipedia.org/wiki/Xpra
- Virtenv: http://sourceforge.net/projects/virtenv/files/virtenv.deb/
- X2go: http://en.wikipedia.org/wiki/X2go
- LXC documentation: https://help.ubuntu.com/lts/serverguide/lxc.html
- Libcontainer: http://blog.docker.com/2014/03/docker-0-9-introducing-execution-drivers-and-libcontainer/
- Systemd-nspawn http://rich0gentoo.wordpress.com/2014/07/14/quick-systemd-nspawn-guide/
« Previous 1 2 3 4 5 Next »
Buy this article as PDF
Pages: 5
(incl. VAT)
Buy Ubuntu User
US / Canada
UK / Australia
Related content
-
Container Management with Docker
Docker is an economical alternative to conventional virtualization. Because each Docker containers share the underlying operating system, it enjoys the resource isolation and allocation benefits of VMs but is much more portable and efficient.
-
Clear Linux: A cloud distro for Intel processors
Clear Linux is an innovative cloud operating system optimized for the Intel architecture.
-
The package formats Flatpaks and Snaps
These package systems have names that make them sound like they could be crunchy candy bars, but in fact, they are formats that could revolutionize software installation.
-
Innovation in the Linux environment
Testers constantly encounter new trends in the experimental branches of Linux distributions. I look at who drives Linux forward and how the future is shaping up.
-
Use multiple distributions at the same time with Bedrock Linux
Bedrock transparently combines virtually any number of distributions with different architectures, package management, and init systems under a filesystem.