New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Docker Containers
hivalidity
Member
in Help
Hi,
Is there any WHMCS solution available to automate the creation of Docker containers?
Thanks.
Comments
Delete WHMCS and use Docker Compose.
Does it have billing integration?
yees
Delete docker and use LXC.
Docker is a security problem waiting to happen.
On one LXC VPS I have, on first login I can dmesg and see OOM messages for apps running on other VPS'. I've never seen that before with any other hypervisor.
Even with that strange behavior, I still think application containerization is inferior to OS containers. Especially considering with docker there are often subsystems and dependent software the user knows nothing about and is often left outdated and not getting security updates.
I prefer to set up each application in an LXC container with an underlying OS and prerequisites that I understand intricately enough since I put them there.
There are uses for both, I shouldn't just hate on docker in general because I'm sure for some people it's ideal. Maybe one day I too will sing the praises of docker, but that's not marked on my calendar..
I am trying to install LDX with OpenStack on Ubuntu, but LXD and Ubuntu own articles are outdated and most of the commands not working.
Do you have any latest article to setup this?
I use Proxmox to handle the whole thing, so I'm afraid I couldn't give you any tips based on experience - maybe someone else can?
But Proxmox only support LXC, I require LXD. The only solution I can figure out is OpenStack - heavy software and no proper guides.
LXC isn't a hypervisor, it's containerization, and so the kernel is shared between all guests.
dmesg
being shared is a known issue that's very difficult to fix.dmesg
reads from/dev/kmesg
which is just a character device (spits out text when you read from it, one character at a time). Kernel logs are unstructured so it's basically impossible to tell which line corresponds to which container. For example, how would you know which container this log line applies to?Providers should be disabling access to
/dev/kmesg
for their LXC containers, and any good provider of LXC containers would have this in their standard runbookI'm really surprised Proxmox only supports LXC given LXD has a proper API meaning it's a lot easier to automate.
If you run unprivileged LXC (via LXD at least) you can't see sh*t. Plus, LXD supports KVM/QEMU out of box so there is that too if you really need to go "isolated"
Ron Howard voice: They are not.