[Lxc-users] Proper way to use LXC to serve multiple apps execution from outside
Fajar A. Nugraha
list at fajar.net
Thu May 10 09:24:24 UTC 2012
On Thu, May 10, 2012 at 3:51 PM, Đỗ Hoàng Khiêm <dohoangkhiem at gmail.com> wrote:
> Yes, I think it needs a new process for each request serving.
>
> In overall, I have a web application, it receives the application scripts
> and execution requests from clients then try to execute it on the server
> side. So I think that each request is isolated and I want to try the ability
> to execute these requests in a sandbox environment.
IMHO you need to define your requirements more. Then break it down to
distinct components that each can be fulfilled by a software solution.
Possibly study more about each components.
If you simply want "an isolated environment for a web application",
there are other ways to achieve this, which is more efficient than
lxc. For example, if your web application uses php, simply using
php-fpm plus its chroot feature, running as a a distinct normal user
(i.e. not root, not the webserver user, and not the same as user for
other web applications) should be sufficiently secure while still
having the performance of a fcgi application.
--
Fajar
More information about the lxc-users
mailing list