An LXC is isolated, system-wise, by default (unprivileged) and has very low resource requirements.
- Storage also expands when needed, i.e. you can say it can have 40GB but it’ll only use as much as needed and nothing bad will happen if your allocated storage is higher than your actual storage… Until the total usage approaches 100%. So there’s some flexibility. With a VM the storage is definite.
- Usually a Debian 12 container image takes up ~1.5GB.
- LXCs are perfectly good for most use cases. VMs, for me, only come in when necessary, when the desired program has more needs like root privileges, in which case a VM is much safer than giving an LXC access to the Proxmox system. Or when the program is a full OS, in the case of Home Assistant.
Separating each service ensures that if something breaks, there are zero collateral casualties.
For inspiration, here’s my list of services:
| Name | ID No. | Primary Use |
|---|---|---|
| heart | (Node) | Proxmox |
| guard | (CT) 202 | AdGuard Home |
| management | (CT) 203 | Nginx Proxy Manager |
| smarthome | (VM) 804 | Home Assistant |
| HEIMDALLR | (CT) 205 | Samba/Nextcloud |
| authentication | (VM) 806 | Bitwarden |
| | (VM) 807 | Mailcow |
| notes | (CT) 208 | CouchDB |
| messaging | (CT) 209 | Prosody |
| media | (CT) 211 | Emby |
| music | (CT) 212 | Navidrome |
| books | (CT) 213 | AudioBookShelf |
| security | (CT) 214 | AgentDVR |
| realms | (CT) 216 | Minecraft Server |
| blog | (CT) 217 | Ghost |
| ourtube | (CT) 218 | ytdl-sub YouTube Archive |
| cloud | (CT) 219 | Nextcloud |
| remote | (CT) 221 | Rustdesk Server |
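
Added example, not part of the original post: a small audit of Proxmox container configs (the `key: value` files under `/etc/pve/lxc/`) that flags the settings which weaken the default unprivileged isolation described above. The two configs, container ID 299 and the host path are constructed for illustration.

```python
import re

# Constructed sample configs in the /etc/pve/lxc/<vmid>.conf "key: value" format.
SAMPLE_CONFIGS = {
    "202": "hostname: guard\nunprivileged: 1\n"
           "rootfs: local-lvm:vm-202-disk-0,size=8G\n",
    "299": "hostname: example-privileged\nfeatures: nesting=1\n"
           "mp0: /mnt/tank/share,mp=/srv/share\n"
           "lxc.apparmor.profile: unconfined\n"
           "rootfs: local-lvm:vm-299-disk-0,size=40G\n",
}

def parse_conf(text):
    """Parse the current-state section of a container config into a dict."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("["):        # snapshot sections start here; ignore them
            break
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition(":")
        conf[key.strip()] = value.strip()
    return conf

def audit(conf):
    """Return a list of findings that reduce isolation from the Proxmox host."""
    findings = []
    privileged = conf.get("unprivileged") != "1"   # a missing key means privileged
    if privileged:
        findings.append("privileged: container root maps to host root")
    feats = dict(p.partition("=")[::2]
                 for p in conf.get("features", "").split(",") if p)
    if privileged and feats.get("nesting") == "1":
        findings.append("nesting enabled on a privileged container")
    if conf.get("lxc.apparmor.profile") == "unconfined":
        findings.append("AppArmor confinement disabled")
    for key, value in conf.items():
        # mpN entries whose source starts with "/" are bind mounts of host paths
        if re.fullmatch(r"mp\d+", key) and value.startswith("/"):
            findings.append(f"{key}: host path {value.split(',')[0]} bind-mounted")
    return findings

if __name__ == "__main__":
    for vmid, text in SAMPLE_CONFIGS.items():
        print(vmid, audit(parse_conf(text)) or "default isolation intact")
```

Containers that show findings are the ones where moving the service to a VM, as suggested above, is worth considering.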
anamethatisnt@sopuli.xyz 6 days ago
A VM is properly isolated and has its own OS and kernel. This improves security at the cost of overhead.
If you are starved for hardware resources then running LXCs instead of VMs could give you more bang for the buck.