[Lxc-users] LXC in production envivroment

[István Király - LaKing]

Thank you for your answer, I really appreciate it.

I have a server currently running with ISPconfig 3, but I don't really like that system at all. 

It is over-complicating things. It works as a shared-host, but it is not an optimal solution. I would rather like to have a virtual-server farm or better said lxc container-farm, as soon as possible. ..

So I started a project, TURM - http://sourceforge.net/projects/turm/
.. and was working on it for a while. After reaching a basic level of functionality, I was auditing my code for security, and during the research I came across this post:
http://me.veekun.com/blog/2012/04/09/php-a-fractal-of-bad-design/
.. felt that something is not right with PHP, and this post nailed it to the point. I realized PHP is, .. how to say gently, not right for me .. ( + I use weird scripting techniques if the language allows)

Now I'm at the point where I plan to re-implement turm in Ruby. .. 

Anyone got any experience with Lexy? Seems to be a very similar project ...

http://jacoblewallen.wordpress.com/2011/05/16/lexy-a-web-ui-for-lxc/


Should LXC be used directly, or is there an API like libvirt necessery / handy in setting up networking for example? 


My desktop OS is Fedora 17 at the moment, and I'm happy with it. For some reason on my current desktop PC, Ubuntu didn't install. 

On my server I'm using Fedora at the moment - it is okay, but there been 
some crashes during the years, once or twice thru a software update, and hardware is failing from time to time too. 

Got also hacked once or twice (via PHP) and I really want a stable isolated environment, where users can use root-level ssh in their containers. ..

I don't really see a major difference between Ubuntu and Fedora, .. 
however if you say that Ubuntu is probably more stable or secure, I may switch to 
it. CentOs is stable, but as you say, ancient. :)  ..


I want to put together the right tool set, the right software environment now, so I can create a container farm, with two or more physical servers, and a nice GUI that I can present even for normal users.

Any advice appreciated, and considered. ..

Thank you.  


LaKing at D250.hu
D250 Laboratories
www.D250.hu


----- Ursprüngliche Message -----
Von: Fajar A. Nugraha <list at fajar.net>
An: István Király - LaKing <LaKing at d250.hu>
CC: "lxc-users at lists.sourceforge.net" <lxc-users at lists.sourceforge.net>
Gesendet: 13:30 Freitag, 24.August 2012
Betreff: Re: [Lxc-users] LXC in production envivroment

On Fri, Aug 24, 2012 at 6:12 PM, István Király - LaKing <d250 at yahoo.com> wrote:
> Hello users, and mainly developers, ..
>
> My question is, how reliable, how stable is LXC in a production environment?
>
> .. how far is LXC from being released as stabile 1.0?
>

As a user, I'd say lxc is usable for either:
- dev purposes
- production environment, where you control all the containers, and
using it for programs that works, and basically using lxc for resource
cap and network isolation purposes

Note that while most programs will work as-is on a container, some
might not work at all (e.g. those that loads and use their own custom
kernel module), while some needs special treatment (e.g. oracle db and
others that use large shared memory might need apparmor and friends
turned off, which results in the container being capable of doing
dangerous things to the host).

I would not use lxc for shared vps setup (like openvz) at this moment
due to some unsolved security issues.

> .. what OS is recommended for a stable environment with LXC?

I'd say latest Ubuntu stable. It works fine as-is, and uses apparmor
to workaround some lxc security issues.

> .. what kernel version is recommended?

Generally whatever version that comes with the distro that supports lxc.

Do NOT force yourself to use lxc with an "ancient" distro (e.g.
RHEL/centos6, or debian stable). Instead, if you have a program that
only works on those distros, use newer distro for the host, while
running the "stable" distro as guest container.

-- 
Fajar