Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

LXD is container technology, right? I've used Docker for years now (in my home lab.) I took a stab at using Podman a couple times but the friction was too high (and my motivation to switch too low.)

How does LXD compare to Docker? Should I be interested in it or just continue with Docker for the handful of containers I'm using (Gitea, Checkmk, MariaDB, Mosquitto.) The license is not interesting to me unless there's a technical advantage. (And for my personal use the license is probably moot anyway.)

Host OS would be Debian, if it matters.

Thanks!



> How does LXD compare to Docker?

They have different use cases.

Docker runs single applications/daemons.

LXD runs a whole Linux system by spawning an init process which takes care of spawning and managing other processes that compose a system.

A great security feature of LXD is that these child systems are run in user namespaces and don't have root privileges in the host. Docker runs with full root privileges, and malicious code can easily escape the container and take over the host.


LXD is containers but presented much more like a traditional VM, without so much of the Dockerfile type stuff. If you just want VMs but more lightweight, it's great for that and has less footguns and cruft. If you actually want to make use of the docker-type features then it's not really designed for that.


LXD is more of a stateful flavor of containers. Or at least that is how it started.

Nowadays it is literally a VM management system, like Ovirt (but without a GUI). They added QEMU/KVM support quite a while ago now.


LXD has a web gui now. It is fairly basic right now but it is there.


Oh cool! I know there were unofficial ones floating around.


Incus has a demo of that UI (rebranded) accessible through their online demo: https://linuxcontainers.org/incus/try-it/ (there's a "Web UI" link once started)


LXC/LXD is similar to Jails. You have a directory with a whole distribution and a config file with a few details such as network setup and bind mounts.

It is much simpler than Docker. I think it's a better starting point if you want to learn about containers.

Just last week I tried LXC on Debian, but there was a conflict with iptables. I had more success with Ubuntu.


> It is much simpler than Docker

Quite a bold statement, very much depends on the task and user's background.

For one, running things across your team members, team consisting of mixed Windows, Macos, Linux workstations/laptops, you can't rely on LXD be easily accessible (the same for Jails of course).

Running quick tests, one-shot tasks like

   docker run --rm -v "$(pwd):/sitespeed.io" sitespeedio/sitespeed.io:30.9.0 https://www.mysuperstartup-website.io/
Is easy peasy - friend of mine being SEO guy, could do this. No chances this can be done with LXD (jails of course is even worse for UX/DX - it's requires FreeBSD)




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: