[Lxc-users] LXC in production envivroment

Fajar A. Nugraha list at fajar.net
Fri Aug 24 11:30:26 UTC 2012


On Fri, Aug 24, 2012 at 6:12 PM, István Király - LaKing <d250 at yahoo.com> wrote:
> Hello users, and mainly developers, ..
>
> My question is, how reliable, how stable is LXC in a production environment?
>
> .. how far is LXC from being released as stabile 1.0?
>

As a user, I'd say lxc is usable for either:
- dev purposes
- production environment, where you control all the containers, and
using it for programs that works, and basically using lxc for resource
cap and network isolation purposes

Note that while most programs will work as-is on a container, some
might not work at all (e.g. those that loads and use their own custom
kernel module), while some needs special treatment (e.g. oracle db and
others that use large shared memory might need apparmor and friends
turned off, which results in the container being capable of doing
dangerous things to the host).

I would not use lxc for shared vps setup (like openvz) at this moment
due to some unsolved security issues.

> .. what OS is recommended for a stable environment with LXC?

I'd say latest Ubuntu stable. It works fine as-is, and uses apparmor
to workaround some lxc security issues.

> .. what kernel version is recommended?

Generally whatever version that comes with the distro that supports lxc.

Do NOT force yourself to use lxc with an "ancient" distro (e.g.
RHEL/centos6, or debian stable). Instead, if you have a program that
only works on those distros, use newer distro for the host, while
running the "stable" distro as guest container.

-- 
Fajar




More information about the lxc-users mailing list