Re: [CentOS-virt] OS-level virtualization using LXC and systemd-nspawn containers
Greetings,

----- Original Message -----
> OpenVZ 7 has no updates, and therefore is not suitable for
> production.

The free updates lag behind the paid Virtuozzo 7 version and plenty of people are using it in production. I'm not one of those.

> LXC/LXD is the same technology, as I understand from
> linuxcontainers.org

linuxcontainers.org is owned by Canonical and yes it documents LXC... but LXD is a management layer on top of it which provides for easy clustering and even managing VMs. I think it is the closest thing to vzctl/prlctl from OpenVZ.

> podman can't be a replacement for OpenVZ 6 / systemd-nspawn because
> it destroys the root filesystem on the container stop, and all
> changes made in container configs and other container files will be lost.
> This is a nightmare for the website hosting server with containers.

No, it does NOT destroy the delta disk (that's what I call where changes are stored) upon container stop and I'm not sure why you think it does. You can even export a systemd unit file to manage the container as a systemd service or user service. Volumes are a nice way to handle persistence of data if you want to nuke the existing container and make a new one from scratch without losing your data. While it is true you have to approach the container a little differently, podman systemd containers are fairly reasonable "system containers".

TYL,
--
Scott Dowdle
704 Church Street
Belgrade, MT 59714
(406)388-0827 [home]
(406)994-3931 [work]
___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS-virt] OS-level virtualization using LXC and systemd-nspawn containers
On 25.01.2021 22:24, Scott Dowdle wrote:

>> I found only two possible free/open source alternatives for OpenVZ 6:
>>
>> - LXC
>> - systemd-nspawn
>
> Some you seem to have overlooked?!?
>
> 1) OpenVZ 7
> 2) LXD from Canonical that is part of Ubuntu
> 3) podman containers with systemd installed (set /sbin/init as the entry point)

OpenVZ 7 has no updates, and therefore is not suitable for production.

LXC/LXD is the same technology, as I understand from linuxcontainers.org

podman can't be a replacement for OpenVZ 6 / systemd-nspawn because it destroys the root filesystem on the container stop, and all changes made in container configs and other container files will be lost. This is a nightmare for the website hosting server with containers.

systemd-nspawn probably is the best fit for my tasks.

But systemd-nspawn also has some major disadvantages in the current RHEL-stable and RHEL-beta versions:

https://bugzilla.redhat.com/show_bug.cgi?id=1913734
https://bugzilla.redhat.com/show_bug.cgi?id=1913806

Answering your previous question:

> in the reproduction steps, disabling SELinux is a step?

SELinux must be disabled, because if SELinux is enabled, it prevents systemd-nspawn containers from starting. SELinux permissive mode is useless because it consumes more resources compared to completely disabled SELinux.

--
Best regards,
Gena

Re: [CentOS-virt] OS-level virtualization using LXC and systemd-nspawn containers
Greetings,

----- Original Message -----
> I found only two possible free/open source alternatives for OpenVZ 6:
>
> - LXC
> - systemd-nspawn

Some you seem to have overlooked?!?

1) OpenVZ 7
2) LXD from Canonical that is part of Ubuntu
3) podman containers with systemd installed (set /sbin/init as the entry point)

I use LXC on Proxmox VE (which I guess should be #4 above) some, although I primarily use it for VMs.

Oh, LXD is supposedly packaged for other distros but given that they aren't much into SELinux and they are into snaps, I'd not really recommend it outside of Ubuntu.

TYL,
--
Scott Dowdle
704 Church Street
Belgrade, MT 59714
(406)388-0827 [home]
(406)994-3931 [work]

[CentOS-virt] OS-level virtualization using LXC and systemd-nspawn containers
Hello All,

OpenVZ 6 in the past was a very popular technology for creating OS-level virtualization containers.

But OpenVZ 6 is EOL now (because RHEL 6 / CentOS 6 is EOL) and all OpenVZ 6 users should migrate to some alternatives.

I found only two possible free/open source alternatives for OpenVZ 6:

- LXC
- systemd-nspawn

Does anyone use LXC and/or systemd-nspawn containers on RHEL 8 / CentOS 8 for production? What are the advantages and disadvantages of each of these technologies?

Can you share your experience with LXC and/or systemd-nspawn for the RHEL 8 / CentOS 8 operating system on the hardware node?

As I understand, LXC is not supported by Red Hat and it should be used on RHEL at one's own risk?

But, as I understand from the articles

- https://access.redhat.com/solutions/1533893
- https://access.redhat.com/articles/2726611

systemd-nspawn is also not supported by Red Hat and should be used at one's own risk?

So, is there no difference between LXC and systemd-nspawn, despite the fact that systemd-nspawn is part of the RHEL 8 operating system and can be installed on RHEL 8 from the BaseOS repo?

Are there any chances that the situation with support for systemd-nspawn will change in the future and this OS-level virtualization technology will become fully supported in the RHEL 8.x or the RHEL 9.x version?

--
Best regards,
Gena