this post was submitted on 20 Feb 2025
40 points (95.5% liked)

Selfhosted

59858 readers
659 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam.

  3. Posts here are to be centered around self-hosting. Please ensure it is clear in your post how it relates to self-hosting.

  4. Don't duplicate the full text of your blog or git here. Just post the link for folks to click.

  5. Submission headline should match the article title.

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
ayyy@sh.itjust.works
curbstickle@anarchist.nexus
curbstickle_lw@lemmy.world
40
Docker in LXC vs VM (lemmy.ml)
submitted 1 year ago by mr_jaaay@lemmy.ml to c/selfhosted@lemmy.world
55 comments fedilink hide all child comments
 

I run a small server with Proxmox, and I'm wondering what are your opinions on running Docker in separate LXC containers vs. running a specific VM for all Docker containers?

I started with LXC containers because I was more familiar with installing services the classic Linux way. I later added a VM specifically for running Docker containers. I'm thinking if I should continue this strategy and just add some more resources to the docker VM.

On one hand, backups seem to be easier with individual LXCs (I've had situations where I tried to update a Docker container but the new container broke the existing configuration and found it easiest just to restore the entire VM from backup). On the otherhand, it seems like more overhead to install Docker in each individual LXC.

you are viewing a single comment's thread
view the rest of the comments
[–] sxan@midwest.social 1 points 1 year ago (3 children)

Is your server a dedicated server, or a VPS? Because if it's a VPS, you're probably already running in a VM.

Adding a VM might provide more security, especially if you aren't an expert in LXC security configuration. It will add overhead. Running Docker inside Docker provides nothing but more overhead and unnecessary complexity to your setup.

Also, because it isn't clear to me from your post: LXC and Docker are two ways of doing the same thing, using the same Kernel capabilities. Docker was, in fact, written in top of LXC. The only real difference is the container format. Saying "running Docker on LXC" is like saying "running Docker on Docker," or "running Docker on Podman," or "running LXC on Docker". All you're doing is nesting container implementations. As opposed to VMs, which do not just use Linux namespace capabilities, and which emulate an entirely different computer.

LXC, Podman, and Docker use the underlying OS kernel and resources. VMs create new, virtual hardware (necessarily sharing the same hardware architecture, but nothing else from the host) and run their own kernels.

Saying "Docker VM" is therefore confusing. Containers - LXC, Podman, or Docker - don't create VMs. They partition and segregate off resources from the host, but they do not provide a virtual machine. You can not run OpenBSD in a Docker container on Linux; you can run OpenBSD in a VM on Linux.

[–] non_burglar@lemmy.world 3 points 1 year ago

Lxc and docker are not equivalent. They are system and software containers respectively.

[–] mr_jaaay@lemmy.ml 2 points 1 year ago

It’s a dedicated server (a small Dell micro-pc). Thanks for the comment, I understand the logic, I was approaching it more from an end-user perspective of what’s easier to work with. Which given my skill set are LXC containers. I have a VM on top of Proxmox specifically for Docker :-)

[–] possiblylinux127@lemmy.zip 2 points 1 year ago

I think they mean a VM running docker