Hi On Thu, Oct 02, 2014 at 09:20:26PM +0100, Jonathan Dowland wrote: > On Thu, Oct 02, 2014 at 02:16:06PM -0400, Steve Litt wrote: > > Thanks Jonathan. I use Docker from time to time, but never knew about > > LXC. If I use LXC experimentally, what's a good, simple, proof of > > concept use case?
Doesn't docker use LXC internally ? > > Well it isn't doing anything useful but I created a generic linux guest > using lxc-create and had a guest in a matter of a minute or so, > > > SUITE=jessie lxc-create -n guest2 -t debian -B lvm --vgname qusp_vg > > Another minute to do bridge configuration in the host and set up networking. > I > haven't used it for much but it starts up and shuts down very rapidly. There's > a general impression of speed vs. real VMs. Agreed. Just like the good olde linux-vserver. You don't have the overhead of multiple kernels running - just user-space processes. > At work, we do high-density VM hosting for practicals (every UG student gets a > VM on some modules). We've used KVM for the last few years but I'd like to try > LXC if possible this year, to see if we can get better host utilisation (we > usually avoid putting more than 100 VMs on each host machine). For this use case, I'd expect LXC to excel, although I'm not sure how migration of VMs between hardware hosts work. In my experience, combining LXC with btrfs (i.e. put /var/lib/lxc on a btrfs file system) makes things *very* quick - creating a new VM is (literally) a few seconds: # lxc-clone -o template -n newbox # lxc-start -n newbox -d Using DHCP combined with dynamic DNS helps too. Once bored: # lxc-stop -n newbox ; lxc-destroy -n newbox > I would find it useful to have a sid container (or containers) knocking around > for building debian packages rather than either run sid on my real machine or > use pbuilder, schroot etc. - which work, but are rather hacky. Also very useful for testing deployments... > I'm also considering using an lxc container to run a cupsd with some nasty > samsung drivers, to keep that stuff out of my main system. If I consider > running the dropbox client on my backup system (to backup my wife's dropbox) > I would want to isolate that too. Here you hit upon a very central concept: I find that most people who talk about the benefits of virtualisation, really are talking about the benefits of *isolation*. And isoation of apps does not require the full overhead of a new root file system, new kernel etc. -- Karl E. Jorgensen -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141002204518.GA25081@hawking