this post was submitted on 20 Feb 2025
37 points (95.1% liked)


I run a small server with Proxmox, and I'm wondering what are your opinions on running Docker in separate LXC containers vs. running a specific VM for all Docker containers?

I started with LXC containers because I was more familiar with installing services the classic Linux way. I later added a VM specifically for running Docker containers. I'm thinking if I should continue this strategy and just add some more resources to the docker VM.

On one hand, backups seem to be easier with individual LXCs (I've had situations where I tried to update a Docker container but the new container broke the existing configuration and found it easiest just to restore the entire VM from backup). On the other hand, it seems like more overhead to install Docker in each individual LXC.

[–] sxan@midwest.social 1 points 2 days ago (3 children)

Is your server a dedicated server, or a VPS? Because if it's a VPS, you're probably already running in a VM.

Adding a VM might provide more security, especially if you aren't an expert in LXC security configuration. It will add overhead. Running Docker inside Docker provides nothing but more overhead and unnecessary complexity to your setup.

Also, because it isn't clear to me from your post: LXC and Docker are two ways of doing the same thing, using the same kernel capabilities. Docker was, in fact, written on top of LXC. The only real difference is the container format. Saying "running Docker on LXC" is like saying "running Docker on Docker," or "running Docker on Podman," or "running LXC on Docker". All you're doing is nesting container implementations. As opposed to VMs, which do not just use Linux namespace capabilities, and which emulate an entirely different computer.

LXC, Podman, and Docker use the underlying OS kernel and resources. VMs create new, virtual hardware (necessarily sharing the same hardware architecture, but nothing else from the host) and run their own kernels.

Saying "Docker VM" is therefore confusing. Containers - LXC, Podman, or Docker - don't create VMs. They partition and segregate off resources from the host, but they do not provide a virtual machine. You can not run OpenBSD in a Docker container on Linux; you can run OpenBSD in a VM on Linux.

[–] non_burglar@lemmy.world 3 points 2 days ago

LXC and Docker are not equivalent. They are system and software containers respectively.

[–] possiblylinux127@lemmy.zip 2 points 2 days ago

I think they mean a VM running Docker

[–] mr_jaaay@lemmy.ml 2 points 2 days ago

It’s a dedicated server (a small Dell micro-pc). Thanks for the comment, I understand the logic, I was approaching it more from an end-user perspective of what’s easier to work with. Which given my skill set are LXC containers. I have a VM on top of Proxmox specifically for Docker :-)