Comment on Linux Containers Forks LXD Project As "Incus"
sbstp@programming.dev 1 year agoI used to use LXC maybe 5 years ago but I’ve since replaced everything with docker/compose. The main difference between LXC and Docker is that LXC is meant to be more like a Virtual Machine than a container. LXC containers run their own instance of systemd and can run multiple processes easily. Docker is meant to run a single process although people sometimes do hacks with supervisord or s6 overlay to run multiple processes.
At the time LXC didn’t really have a concept of images like Docker, it was just base images like Ubuntu 18.04 or Debian 9 and you’d shell in the container and install your stuff.
LXD is a tool built on top of LXC, confusingly enough the LXD client is called lxc… It’s higher level and might have the ability to use images, not sure, I never felt the need to learn it.
9488fcea02a9@sh.itjust.works 1 year ago
I’ve always used lxc and only recently tried docker.
I really cant wrap my head around all the crazy shit docker alters on your network settings like rewriting a bunch of firewall rules without telling you
Not sure if i was doing something wrong but that was my experience with docker
InvertedParallax@lemm.ee 1 year ago
Docker is spaghetti-ware, they try to control everything, which ironically makes me Isolate my dockers in a vm.
9488fcea02a9@sh.itjust.works 1 year ago
Ok, i’m glad my solution to the problem (run docker in an lxc container) isn’t as harebrained as i thought
Other people are doing the same
InvertedParallax@lemm.ee 1 year ago
Haven’t done that, but honestly I’m thinking that’s my next workflow.
jecxjo@midwest.social 1 year ago
That is kind of the expected setup. Either a vm or a dedicated system. You let docker do its thing and it should work.
I run lxc because i want contained systems I control. That just means I have to do the work too.
phx@lemmy.ca 1 year ago
This is the same issue I have. I much prefer to manage my own firewall policies and having to make those play nicely with Docker was a huge pain in the ass in most cases. I’d rather use snaps than Docker for stuff that requires a daemon and regular updates, and Snaps have plenty of issues as well