Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Linux Containers (lvc.sourceforge.net)
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Linux Containers (lvc.sourceforge.net)

bitbit Member
edited October 2012 in Help

Looking for advise, tips etc.

Has anyone used Linux Containers or is using it on their LEB's. Mainly looking at those using it on OpenVZ (if it is possible) maybe on XEN PV.

How secure is it as compared to say OpenVZ or in comparison to FreeBSD jails.

Comments

  • DamianDamian Member
    edited October 2012

    lvc.sf.net = "Linux Video Central"

    (edit) Found it: http://lxc.sourceforge.net/

  • Wasn't this what the 'mainstream' kernel developers were working on, before OVZ matured and mainstream kernel started looking at including OVZ in the standard kernel?

    I don't think this has been updated in a couple of years.

  • jarjar Patron Provider, Top Host, Veteran

    Why in the world would you want to setup containers on an openvz LEB....

  • @jarland said: Why in the world would you want to setup containers on an openvz LEB....

    Low, low end box?

    Thanked by 1jar
  • bitbit Member
    edited October 2012

    @jarland - For the same reason one set's up Jails on Freebsd.

  • @jarland said: Why in the world would you want to setup containers on an openvz LEB....

    LEBception.

    Thanked by 2jar MartinD
  • @jarland said: Why in the world would you want to setup containers on an openvz LEB....

    ...when you could wrap this all up in a KVM too!

    Thanked by 1jar
  • bitbit Member

    @ShardHost - if only.

    I have a bunch of OpenVZ based LEB's. I'm looking to try to setup something similar to Jails on them. I've read that OpenVZ on OpenVZ is not a good idea. From what I read of Linux Containers, it looks to be similar to the Jails way.

  • @Damian said: Wasn't this what the 'mainstream' kernel developers were working on, before OVZ matured and mainstream kernel started looking at including OVZ in the standard kernel?

    I don't think this has been updated in a couple of years.

    LXC project is very active. Debian stopped supporting OpenVZ in favor of LXC in its next release.
    Even newer OpenVZ userlands are starting to support it in mainstream kernels...

    Let's say it's the future of container technology on Linux. Thing is right now it's still lacking features and security.
    First it's very insecure by default. A root user inside a container is root on the host...
    Second, while features are added quickly, it's still lacking a lot to replace OVZ: Not as good userlands, no good memory/CPU limitations, no live migration, can't exec inside a container, can't enter a container without setting up console and such, etc....

    It's growing fast and new features almost comes with each new kernels.

  • joepie91joepie91 Member, Patron Provider

    @corehosting said: LXC project is very active. Debian stopped supporting OpenVZ in favor of LXC in its next release.

    Even newer OpenVZ userlands are starting to support it in mainstream kernels...

    Let's say it's the future of container technology on Linux. Thing is right now it's still lacking features and security.

    First it's very insecure by default. A root user inside a container is root on the host...
    Second, while features are added quickly, it's still lacking a lot to replace OVZ: Not as good userlands, no good memory/CPU limitations, no live migration, can't exec inside a container, can't enter a container without setting up console and such, etc....

    It's growing fast and new features almost comes with each new kernels.

    So... what would be the reason to use LXC instead of OpenVZ? To me, it looks like it's not better in any respect.

  • Well depends on what you're doing... If you don't need security and not change your kernel, LXC is a good way.
    Other than that, there isn't in my point of view...

  • Not yet. When they'll have the same functionalities and/or ovz userlands fully support mainstream kernel, there'll be no more need to apply ovz patch.

  • @joepie91 said: So... what would be the reason to use LXC instead of OpenVZ? To me, it looks like it's not better in any respect.

    The only advantages that I can see are that it seems to have upstream kernel support and that it isn't a hacky mess. Debian likes purity so it makes sense they'd pick a currently-useless pure solution over an ugly working one, especially since almost nobody actually uses the Debian OpenVZ kernels.

  • @lbft probably becauase nobody knows how to administer openvz without a panel...lol

  • @Corey vzctl and other goodies are fun. I miss subigo when it comes to ovz related discussions.

  • jarjar Patron Provider, Top Host, Veteran

    @Taz said: vzctl and other goodies are fun. I miss subigo when it comes to ovz related discussions.

    Lol you just google openvz to find a random term like "vzctl" so you could look like you know something? How were you even a provider, what are you like 15? I'm so sick of this new round of kid providers backed by this kindergarten community.

    There's my subigo impression, minus the F bombs.

  • TazTaz Member
    edited November 2012

    Lol. I am talking about his ovz related knowledge. His Fbomb, cursing nd other fun things started after he sold zensix (wasn't it?) and got tired of bottom feeders requests. He was and is a talented individual.

  • @joepie91 said: First it's very insecure by default. A root user inside a container is root on the host...

    Second, while features are added quickly, it's still lacking a lot to replace OVZ: Not as good userlands, no good memory/CPU limitations, no live migration, can't exec inside a container, can't enter a container without setting up console and such, etc....

    This is why I prefer openVZ over LXC. And, LXC misses all the templates that OpenVZ has...

    @lbft said: The only advantages that I can see are that it seems to have upstream kernel support and that it isn't a hacky mess.

    Recent releases of OpenVZ kernels for CentOS/Debian (proxmox) have proven to be very stable for me. Last year I got a kernel panic on a debian/openvz kernel when I tried an IP change, but that turned out to be a faulty network card. For the rest, OpenVZ kernels run very good, at least for me.

    And, how is it a hacky mess?

Sign In or Register to comment.