Comments
Docker does not allow systemd, which is a dealbreaker for most people.
By default, systemd is not allowed, but some configurations can be used to allow it.
You would need to allow writes to the /sys directory of the host for systemd to work, no wonder why people don't use it that way.
Configurations that allow systemd also introduce security issues.
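A defender-side check for the settings this exchange is about, as an added example that is not from any poster in the thread: it scans `docker inspect` JSON for privileged mode, an added SYS_ADMIN capability, unconfined seccomp/AppArmor, and writable bind mounts of the host's /sys. The container names and sample JSON are constructed, and the choice of which settings to flag is this example's assumption.

```python
import json

# Constructed sample in the shape of `docker inspect` output (not from the thread).
SAMPLE_INSPECT = json.loads("""
[
  {"Name": "/systemd-box",
   "HostConfig": {"Privileged": false, "CapAdd": ["SYS_ADMIN"],
                  "SecurityOpt": ["seccomp=unconfined"]},
   "Mounts": [{"Type": "bind", "Source": "/sys/fs/cgroup",
               "Destination": "/sys/fs/cgroup", "RW": true}]},
  {"Name": "/php-fpm",
   "HostConfig": {"Privileged": false, "CapAdd": null, "SecurityOpt": null},
   "Mounts": [{"Type": "volume", "Source": "/var/lib/docker/volumes/app/_data",
               "Destination": "/var/www", "RW": true}]},
  {"Name": "/legacy-init",
   "HostConfig": {"Privileged": true, "CapAdd": null, "SecurityOpt": null},
   "Mounts": []}
]
""")

RISKY_CAPS = {"SYS_ADMIN", "ALL"}  # assumption: capabilities worth flagging

def audit_container(c):
    """Return a list of findings for one `docker inspect` entry."""
    findings = []
    host = c.get("HostConfig") or {}
    if host.get("Privileged"):
        findings.append("privileged")
    for cap in host.get("CapAdd") or []:
        name = cap.upper().removeprefix("CAP_")  # Docker accepts both spellings
        if name in RISKY_CAPS:
            findings.append(f"cap_add:{name}")
    for opt in host.get("SecurityOpt") or []:
        # Older clients wrote "seccomp:unconfined"; normalise before comparing.
        if opt.replace(":", "=") in ("seccomp=unconfined", "apparmor=unconfined"):
            findings.append(f"security_opt:{opt}")
    for m in c.get("Mounts") or []:
        src = m.get("Source", "")
        # Only writable bind mounts of the host's /sys tree are flagged.
        if m.get("Type") == "bind" and m.get("RW") and (src == "/sys" or src.startswith("/sys/")):
            findings.append(f"writable_host_sys:{src}")
    return findings

def audit_all(containers):
    return {c["Name"].lstrip("/"): audit_container(c) for c in containers}

if __name__ == "__main__":
    for name, findings in audit_all(SAMPLE_INSPECT).items():
        print(name, "->", findings or "ok")
```

On a real host, the same functions can be fed the parsed output of `docker inspect` for the running containers.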
It is true, if it is based on security considerations, it is really not suitable, and Docker does not have a complete VM permission compared to LXC/OpenVZ
This might be a bad way
Docker isn't intended to run that way. Usually you use docker to package your applications (for example php-fpm) so that you can run it on "every" system. With docker-compose or kubernetes you then can define your application stack (php-fpm + Nginx + mysql) so that your application really works.
Docker and kubernetes are way too complex to explain in a short comment.
Indeed, this introduction explains well why LXC is better than Docker.
https://linuxcontainers.org/lxd/#application-containers-vs-system-containers
You've seen providers who offer NAT KVM? Please share.
@Neoon is here
There is no "better than". The two serve wholly different purposes. It's comparing apples with peaches.
I was referring to something I could purchase
Why would you want NAT KVM? I can't imagine the price difference being drastically lower to justify it
Indeed, the application scenarios are different.
Because the price can be very low.
For hosting your tiny ssh?
https://budgetvm.host
@WebHorizon used to offer KVM NAT
Docker is NOT VIRTUALIZATION
Neither is LXC. Nor VZ IIRC.
The difference is that docker is intended for application containerisation (you want to easily deploy, and perhaps sandbox, applications on a machine, physical or virtual, that you control) where LXC and VZ are intended for OS level containerisation (where you want to run fuller OS environments on a host of yours, or use one of those environments on someone else's host, without the extra overhead of “proper” virtualisation). The key difference between OS containers and full VMs is that the contained OS shares the kernel with the host. The security and management models between the three concepts.
KVM would be more expensive since it takes more resources on the host node. KVM is better because you run your own kernel and it's true virtualization. OVZ is fine, especially for ~128MB but KVM will happily run on 128MB despite it using a little more RAM because you're not using the host kernel.
Who has the advantage of LXC vs OVZ?
Oh no, I totally get the benefits of KVM - I think I didn't phrase my question right.
What I was trying to say/assume is that there probably aren't a lot of hosts selling NAT KVMs because their price would be too close to a "regular" KVM with its own IPv4 address.
I believe OpenVZ does but I have no experience running it as a provider. LXC has had more vulnerabilities than OpenVZ, at least lately. It's a safer virtualization and provides better isolation, especially on the network level.
Then let's play OVZ together.