Answer the question
In order to leave comments, you need to log in
Docker or LXC?
My task is this: I want to raise a dozen or two pseudo-virtual machines, many of which will be designated by two or three roles. At the moment I think LEMP and NS servers. The requirements are simple: login via ssh not as root, sudo, for the web - ftp support (I'm looking towards pure-ftpd with mysql support). It would also be nice if all hosts received an IP address from an internal DHCP server. All hosts should be driven with ansible
I started to study docker - sheer disappointment: there is only one service in the container, and to add the second one you need to link compose, and by default the service runs on the host, you need to specify the port number - but with a full-fledged network stack, everything is not so simple. And containers are not intended for long-term storage, you need to mount separate folders for logs and data. And I thought, isn't it easier to use LXC for such purposes? For I found a lot of minuses, and the pluses are not so obvious yet (for me at least). But maybe I don’t understand something or haven’t read something else? Maybe there are other means?
And another question - can ansible playbooks take data for hosts from mysql?
Answer the question
In order to leave comments, you need to log in
You don't like Docker because you want a VM, not a Docker.
It is foolish to expect something from the docker if you do not want it and do not sharpen projects for it.
And of course it’s better to take kvm, it still works better than lxc
lxc is a full-fledged virtual machine, with paravirtualization (does not spend resources on hardware virtualization) ideal for simple tasks of isolating network requests (without them, a simple chroot would be enough), carefully
lxc does not fully isolate environments, i.e. if inside such a virtual machine an attacker has root, then he will be able to log into the host system.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question