[lxc-users] Am I misusing LXCs?

John Lewis oflameo2 at gmail.com
Thu Mar 30 20:20:27 UTC 2017


It is traditional LXC because LXD wasn't out when I set it up
originally.  I won't build the packages for LXD if I am not even using
it properly.

I direct incoming connections using iptables with both the the host and
the virtual router.

I am extremely confident about moving my installation. I will use
Ansible for the provisioning and the configuration. I will install all
of the packages I need on a simple VPS. I can still use cgroups to
control the resource usage of the processes. It will be moderately
easier for me to secure because it is easy to see where everything is
and what state everything is in. 

I backup the VPS with rsnapshot that is running on a host that I have
physical access too and I rotate the backup drive to another location.
The LXCs are disk images.

Could you elaborate on separating data from services?

On Thu, 2017-03-30 at 23:07 +0300, Simos Xenitellis wrote:
> Is that the traditional LXC or is it LXD/LXC containers?
> I have a similar set-up (the latter, with LXD/LXC) and there is also a
> vsftpd in the mix.
> 
> I think your question is about best practices and whether your
> installation adheres
> to some best practices.
> How do you direct incoming connections to each container? Do you use
> iptables or something else?
> If you where to migrate your installation to another VPS, how
> confident would you be to do that?
> How do you get backups? Do you take snapshots as backups?
> 
> I think that if you reach a point where you separate your data from
> the services, the management of the containers
> will become much easier and you will feel more confident with the installation.
> 
> Simos
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users




More information about the lxc-users mailing list