How is “lxd” different from lxc/docker?

前端 未结 3 1758
余生分开走
余生分开走 2021-02-04 01:07

Questions

  • How does lxd provide Full operating system functionality within containers, not just single processes?
  • How is it different from lxc/docker +
3条回答
  •  猫巷女王i
    2021-02-04 01:46

    How does lxd provide Full operating system functionality within containers, not just single processes?

    Containers are Isolated Linux systems using the cgroups capabilities for limit cpu/memory/network/etc in the Linux kernel, without the need for starting a full virtual machine.

    LXD uses the capabilities provided by liblxc (that is based in LXC) and from this comes the capabilities for full OS functionality.

    How is it different from lxc/docker + wrappers?

    LXD use liblxc from LXC. Docker is more application focused, only the principal process for your app inside the container (using libcontainer now by default, Docker did use liblxc first for this)

    Is it similar to a container that is launched with docker + supervisor/wrapper script to contain multiple processes in one container?

    Something similar. The diference between LXD and Docker is that Docker is an application container, LXD is a system container. LXD use upstart/systemd like principal process inside the container and by default is ready to be a full VM environment with very light memory/cpu usage. Yes, you can build your docker with supervisorctl/runit, but you need to do manually this process. You can check how is done in http://phusion.github.io/baseimage-docker/ that do something similar inside a container.

    What can I do with lxd that I cannot do with some wrappers over lxc and docker ?

    live migrations of containers, use your containers like full virtual machines, precise config for dedicate cpu cores/memory/network I/O for use in your container, run your container process in unprivileged mode (root process inside your container != root process in your host) by default Docker work in privileged mode, only now in Docker 1.10 they implement unprivileged mode but you need to review (and maybe rewrite) your Dockerfiles because many things will not work in unprivileged mode.

    LXD and Docker are diferent things. LXD gives you a "full OS" in a container and you can use any deployment tool that works in a VM for deploying applications in LXD. With Docker your application is inside the container and you need diferent tools for deploying applications in Docker and do metric for performance.

    Why is it available only in ubuntu if they are making use of mainline kernel features (namespaces and cgroup )?

    LXD has commercial support from Canonical if is needed, but you can build LXD in Centos 7, ArchLinux (with kernel patched) check https://github.com/lxc/lxd. Gentoo supports LXD now https://wiki.gentoo.org/wiki/LXD.

提交回复
热议问题