Comment

Thank you.

I guess I have more reading to do on Portainer and LXC. Using an RPi with DietPi, I didn’t have the need to learn any of this. Now is a good time as ever.

But generally speaking, how is a Linux container different (or worse) than a VM?

source

Sort:hotnew top

Lyra_Lycan@lemmy.blahaj.zone ⁨6⁩ ⁨months⁩ ago

An LXC is isolated, system-wise, by default (unprivileged) and has very low resource requirements.

Storage also expands when needed, i.e. you can say it can have 40GB but it’ll only use as much as needed and nothing bad will happen if your allocated storage is higher than your actual storage… Until the total usage approaches 100%. So there’s some flexibility. With a VM the storage is definite.
Usually a Debian 12 container image takes up ~1.5GB.
LXCs are perfectly good for most use cases. VMs, for me, only come in when necessary, when the desired program has more needs like root privileges, in which case a VM is much safer than giving an LXC access to the Proxmox system. Or when the program is a full OS, in the case of Home Assistant.

Separating each service ensures that if something breaks, there are zero collateral casualties.

For inspiration, here’s my list of services:

Name	ID No.	Primary Use
heart	(Node)	ProxMox
guard	(CT) 202	AdGuard Home
management	(CT) 203	NginX Proxy Manager
smarthome	(VM) 804	Home Assistant
HEIMDALLR	(CT) 205	Samba/Nextcloud
authentication	(VM) 806	BitWarden
mail	(VM) 807	Mailcow
notes	(CT) 208	CouchDB
messaging	(CT) 209	Prosody
media	(CT) 211	Emby
music	(CT) 212	Navidrome
books	(CT) 213	AudioBookShelf
security	(CT) 214	AgentDVR
realms	(CT) 216	Minecraft Server
blog	(CT) 217	Ghost
ourtube	(CT) 218	ytdl-sub YouTube Archive
cloud	(CT) 219	NextCloud
remote	(CT) 221	Rustdesk Server

source

anamethatisnt@sopuli.xyz ⁨6⁩ ⁨months⁩ ago
A VM is properly isolated and has it’s own OS and kernel. This improves security at the cost of overhead.
If you are starved for hardware resources then running lxcs instead of vms could give you more bang for the buck.

source