1. Good Ref
About LXC
Setting ordinary hypervisors aside (everyone should already be familiar with them), before getting into Docker we should first understand what LXC (Linux Containers) is. Let's look at its definition:
LXC (LinuX Containers) provide an isolated operating system environment with its own file system, network, process and block I/O space. A favorite way to describe containers is that they are like “chroot on steroids”, since they provide the file system isolation that chroot jails provide but they go beyond that by also providing an IP address, a separate process domain, user ids and dedicated access to the host’s physical resources (i.e. memory, CPU) which chroot jails do not provide
Why Docker rather than LXC
That's right: Docker too was originally built on top of LXC, but since Docker 0.9 LXC is no longer Docker's only and default execution environment (see: docker drops LXC as default execution environment). Docker now supports more kinds of "isolation tools", including:
- OpenVZ
- systemd-nspawn
- libvirt-lxc
- libvirt-sandbox
- qemu/kvm
- BSD Jails
- Solaris Zones
- chroot
2. Good 2 ref ref2
Credit: Diego Elio “Flameeyes” Pettenò
3. compare ref
LXC virtual environments have no hardware preload emulation. Each virtual environment (an OS or an application) is loaded in a container and executes without any additional overhead and with no hardware emulation. This means no penalty for software with limited memory. In the end, LXC will improve the performance of the bare metal as it only bundles the OS/application that is required.
4. Proxmox Linux container
Containers are a lightweight alternative to fully virtualized machines (VMs). They use the kernel of the host system that they run on, instead of emulating a full operating system (OS). This means that containers can access resources on the host system directly.
The runtime costs for containers are low, usually negligible. However, there are some drawbacks that need to be considered:
Only Linux distributions can be run in Proxmox Containers. It is not possible to run other operating systems like, for example, FreeBSD or Microsoft Windows inside a container.
For security reasons, access to host resources needs to be restricted. Therefore, containers run in their own separate namespaces. Additionally some syscalls (user space requests to the Linux kernel) are not allowed within containers.
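The last sentence above is the crux of why a container is not a VM: the container's processes talk directly to the shared host kernel, so the runtime has to forbid the syscalls that would let them manage the host. The mechanism both LXC (lxc.seccomp.profile) and Docker (its default seccomp profile) use for this is a seccomp-BPF filter installed in the container's init process before control is handed over. The C program below is an added example written for this page, not Proxmox's, LXC's or Docker's own code: it installs a small filter that denies a handful of host-management syscalls (mount, umount2, reboot, swapon/swapoff, kexec_load, init_module, delete_module) with EPERM, kills the process if a syscall arrives through a foreign ABI, and then probes one denied and one allowed syscall. The deny list and the non-existent mount-point path are illustrative choices for this example only.

```c
/* Added example for this page (not LXC/Docker/Proxmox code): the kind of
 * seccomp-BPF syscall filter a container runtime installs so that a
 * container, although it runs on the shared host kernel, cannot manage
 * the host.  Denied syscalls fail with EPERM; everything else is allowed. */
#define _GNU_SOURCE
#include <errno.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/utsname.h>
#include <unistd.h>

#if defined(__x86_64__)
#define THIS_ARCH AUDIT_ARCH_X86_64
#elif defined(__aarch64__)
#define THIS_ARCH AUDIT_ARCH_AARCH64
#elif defined(__i386__)
#define THIS_ARCH AUDIT_ARCH_I386
#else
#error "add the AUDIT_ARCH_* value for this architecture"
#endif

#ifndef SECCOMP_RET_KILL_PROCESS            /* pre-4.14 kernel headers */
#define SECCOMP_RET_KILL_PROCESS SECCOMP_RET_KILL
#endif

/* Host-management syscalls a container must never reach the shared kernel with.
 * Illustrative list for this example; real profiles are much longer. */
static const unsigned int denied_syscalls[] = {
    SYS_mount, SYS_umount2, SYS_reboot, SYS_swapon, SYS_swapoff,
    SYS_kexec_load, SYS_init_module, SYS_delete_module,
};
#define NDENIED (sizeof denied_syscalls / sizeof denied_syscalls[0])

static struct sock_filter stmt(unsigned short code, unsigned int k) {
    struct sock_filter f = { code, 0, 0, k };
    return f;
}
static struct sock_filter jump(unsigned short code, unsigned int k,
                               unsigned char jt, unsigned char jf) {
    struct sock_filter f = { code, jt, jf, k };
    return f;
}

/* Build and install the filter on the calling thread.  Returns 0, or -1 with errno set. */
static int install_host_syscall_filter(void) {
    struct sock_filter prog[4 + 2 * NDENIED + 1];
    size_t n = 0;

    /* 1. Kill on a foreign syscall ABI (e.g. 32-bit numbers on a 64-bit kernel);
     *    otherwise the numbers compared below would mean different syscalls. */
    prog[n++] = stmt(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch));
    prog[n++] = jump(BPF_JMP | BPF_JEQ | BPF_K, THIS_ARCH, 1, 0);
    prog[n++] = stmt(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS);

    /* 2. Load the syscall number and compare it against the deny list. */
    prog[n++] = stmt(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr));
    for (size_t i = 0; i < NDENIED; i++) {
        prog[n++] = jump(BPF_JMP | BPF_JEQ | BPF_K, denied_syscalls[i], 0, 1);
        prog[n++] = stmt(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | (EPERM & SECCOMP_RET_DATA));
    }

    /* 3. Everything else is passed to the kernel unchanged. */
    prog[n++] = stmt(BPF_RET | BPF_K, SECCOMP_RET_ALLOW);

    struct sock_fprog fprog = { .len = (unsigned short)n, .filter = prog };

    /* Required for an unprivileged process; it also stops the filtered process
     * from regaining privileges through setuid binaries later on. */
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) return -1;
    if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &fprog) != 0) return -1;
    return 0;
}

/* PR_GET_SECCOMP reports SECCOMP_MODE_FILTER (2) once a filter is loaded. */
static int seccomp_mode(void) {
    return (int)prctl(PR_GET_SECCOMP, 0, 0, 0, 0);
}

/* Probe a denied syscall with arguments that are harmless even as root: the target
 * directory does not exist (path made up for this example).  Returns errno, 0 on success. */
static int probe_mount(void) {
    errno = 0;
    if (syscall(SYS_mount, "none", "/nonexistent-seccomp-demo-mountpoint",
                "tmpfs", 0UL, (void *)0) == 0)
        return 0;
    return errno;
}

/* Probe an allowed syscall to show ordinary work is unaffected.  Returns errno, 0 on success. */
static int probe_uname(void) {
    struct utsname u;
    return uname(&u) == 0 ? 0 : errno;
}

int main(void) {
    int e = probe_mount();
    printf("before filter: mount -> errno %d (%s)\n", e, strerror(e));
    if (install_host_syscall_filter() != 0) { perror("install filter"); return 1; }
    e = probe_mount();
    printf("after filter:  mount -> errno %d (%s), seccomp mode %d\n", e, strerror(e), seccomp_mode());
    e = probe_uname();
    printf("after filter:  uname -> errno %d (%s)\n", e, strerror(e));
    return 0;
}
```

Run as an ordinary user: before the filter the bogus mount fails with ENOENT, because current kernels resolve the target path before they check CAP_SYS_ADMIN; after the filter it fails with EPERM whatever the caller's privileges, while uname still works. If you run this inside a Docker container, the runtime's default profile already denies mount, so you see EPERM both times: seccomp filters only stack, a process can add filters but never remove one, which is exactly what lets a container runtime trust the restriction.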