Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

Docker Containers
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Docker Containers

hivalidityhivalidity Member
in Help

Hi,

Is there any WHMCS solution available to automate the creation of Docker containers?

Thanks.

Comments

  • yoursunnyyoursunny Member, IPv6 Advocate

    Delete WHMCS and use Docker Compose.

    Thanked by 5TimboJones angelius Erisa o_be_one maverickp
  • hivalidityhivalidity Member

    @yoursunny said:
    Delete WHMCS and use Docker Compose.

    Does it have billing integration?

  • HotmarerHotmarer Member

    @hivalidity said: Does it have billing integration?

    yees

  • dahartigandahartigan Member

    Delete docker and use LXC.

    Docker is a security problem waiting to happen.

  • TimboJonesTimboJones Member

    @dahartigan said:
    Delete docker and use LXC.

    Docker is a security problem waiting to happen.

    On one LXC VPS I have, on first login I can dmesg and see OOM messages for apps running on other VPS'. I've never seen that before with any other hypervisor.

  • dahartigandahartigan Member

    @TimboJones said:

    @dahartigan said:
    Delete docker and use LXC.

    Docker is a security problem waiting to happen.

    On one LXC VPS I have, on first login I can dmesg and see OOM messages for apps running on other VPS'. I've never seen that before with any other hypervisor.

    Even with that strange behavior, I still think application containerization is inferior to OS containers. Especially considering with docker there are often subsystems and dependent software the user knows nothing about and is often left outdated and not getting security updates.

    I prefer to set up each application in an LXC container with an underlying OS and prerequisites that I understand intricately enough since I put them there.

    There are uses for both, I shouldn't just hate on docker in general because I'm sure for some people it's ideal. Maybe one day I too will sing the praises of docker, but that's not marked on my calendar..

    Thanked by 2Trav jugganuts
  • hivalidityhivalidity Member

    @dahartigan said:
    Delete docker and use LXC.

    Docker is a security problem waiting to happen.

    I am trying to install LDX with OpenStack on Ubuntu, but LXD and Ubuntu own articles are outdated and most of the commands not working.

    Do you have any latest article to setup this?

  • dahartigandahartigan Member

    @hivalidity said:

    @dahartigan said:
    Delete docker and use LXC.

    Docker is a security problem waiting to happen.

    I am trying to install LDX with OpenStack on Ubuntu, but LXD and Ubuntu own articles are outdated and most of the commands not working.

    Do you have any latest article to setup this?

    I use Proxmox to handle the whole thing, so I'm afraid I couldn't give you any tips based on experience - maybe someone else can?

  • hivalidityhivalidity Member

    @dahartigan said:

    @hivalidity said:

    @dahartigan said:
    Delete docker and use LXC.

    Docker is a security problem waiting to happen.

    I am trying to install LDX with OpenStack on Ubuntu, but LXD and Ubuntu own articles are outdated and most of the commands not working.

    Do you have any latest article to setup this?

    I use Proxmox to handle the whole thing, so I'm afraid I couldn't give you any tips based on experience - maybe someone else can?

    But Proxmox only support LXC, I require LXD. The only solution I can figure out is OpenStack - heavy software and no proper guides.

    Thanked by 1dahartigan
  • redcatredcat Member

  • Daniel15Daniel15 Veteran
    edited July 2021

    @TimboJones said: On one LXC VPS I have, on first login I can dmesg and see OOM messages for apps running on other VPS'. I've never seen that before with any other hypervisor.

    LXC isn't a hypervisor, it's containerization, and so the kernel is shared between all guests.

    dmesg being shared is a known issue that's very difficult to fix. dmesg reads from /dev/kmesg which is just a character device (spits out text when you read from it, one character at a time). Kernel logs are unstructured so it's basically impossible to tell which line corresponds to which container. For example, how would you know which container this log line applies to?

    [10774052.666737] systemd[1]: systemd-journald.service: Succeeded.

    Providers should be disabling access to /dev/kmesg for their LXC containers, and any good provider of LXC containers would have this in their standard runbook :smile:

    @hivalidity said: But Proxmox only support LXC, I require LXD.

    I'm really surprised Proxmox only supports LXC given LXD has a proper API meaning it's a lot easier to automate.

    Thanked by 2TimboJones dahartigan
  • amarcamarc Veteran

    If you run unprivileged LXC (via LXD at least) you can't see sh*t. Plus, LXD supports KVM/QEMU out of box so there is that too if you really need to go "isolated"

  • TimboJonesTimboJones Member

    @Daniel15 said:
    any good provider of LXC containers would have this in their standard runbook :smile:

    Ron Howard voice: They are not.

Sign In or Register to comment.