Why invent the wheel again? Proxmox does well.
- to save some bytes of memory by removing a layer
- because I don’t use LXC
- because Proxmox encapsulates libvirtd
No problems, if you prefer choosing the worse tool…
Full Virtualization gives the VM max 80-90% of the Host, loss=10-20%
no matter if Hyper-V, VMware ESXi, Xen or VirtualBox or even KVM.
LXC has a loss of 1-5%!!!
For 20-30 clients, I’m running as LXC:
- Zoneminder for 10 Axis Cams, 4 of them HD…
- FOG-Project for cloning and imaging
- SQL-Ledger booking
- and others
I always run NethServer as KVM under Proxmox, stability of Proxmox is almost unbeatable!
My 2 cents
Following your logic, you also choose the worst tool,
and you should run NethServer under LXD.
- LXC is the grandfather of Docker, which is a container, not full virtualization
- the alternative to KVM is LXD, not LXC, which is not available under Proxmox
No, Proxmox is better; also, most of the people you have communicated with on this forum use Proxmox and share my opinion.
I use this professionally!
Docker is as much an improvement over LXC as Vista was over XP, or Win8 over Win7.
It introduces too many IPs into the system, including rules, firewalling etc.
Also, according to the “pure” Docker theory, splitting up every service into its own Docker just becomes less stable, as too many dependencies are introduced.
A lot of the internals of available Dockers are very badly documented when it comes to internal networks.
Two cases of IPs introduced into the network - and killing off Internet when started - do NOT speak for Docker. That does NOT happen with Full Virtualization or LXC… These two only introduce IPs you’ve assigned, or DHCP for the single NIC.
It’s OK to play with Docker, maybe a minimal professional use is also OK, but in my opinion, the Docker guys need to rethink a lot of things!
But thanks for the flowers!
OK, Bunny-ProxMox and Bunny-Docker, you have your own favorite flavor. Don’t catfight, please.
Podman is already Red Hat’s choice.
My question is: can containers and VMs be managed/hosted by the same NethServer setup?
Also: does this setup have any user viable cases?
Let’s talk about containers and VMs.
Univention supports both (KVM/Docker); the project just didn’t hold up well.
ClearOS also supports both (KVM/Docker); Docker via their project ClearGlass.
FreeNAS supports both (bhyve), but the Docker part is in reality RancherOS inside a VM.
OpenMediaVault supports both (VirtualBox/Docker), and they tend to move apps into Docker.
LXC is obviously stronger, and in Proxmox they push the unprivileged, which is great but also available for Docker. But the Docker community is very convenient: you can find almost anything (if you don’t really care about the security), while with LXC you are almost on your own.
The main showstopper for NethServer and the capability of using containers is Shorewall.
In the end, yes, everyone has a preference: you love boys, I love girls; I prefer pink, you prefer blue…
My question becomes irrelevant because
KVM is still available and supported on NethServer (https://docs.nethserver.org/en/v7/virtual_machines.html?highlight=kvm).
And I don’t really understand why @Andy_Wismer the side tracker trolls me.
FreeNAS supports containers called jails. It also supports VMs, into which you can install pretty much any Windows or Linux flavor you want, on which you can do pretty much whatever you want, including run Docker if that’s your thing (though I have yet to see the attraction). The dedicated RancherOS VM went away with FreeNAS 11.3, which IMO was a good thing, but you can still install RancherOS, or Ubuntu, or CentOS, or whatever other flavor of Linux you want to do Docker on. Though IMO, FreeNAS isn’t a great choice of hypervisor.
Did you try nethserver-portainer? I recall some work on it.
I’m more a docker-compose and docker-compose.override.yml guy, and I don’t like to have too many web GUIs for the same server.
But from your statement I could/should understand the Docker/Shorewall interaction is not an issue anymore.
Yes, and if you try it, the work under the hood is (quite) done; however, you left the TCP port of the container for an IP in another network.
I am not sure about the state of the RPM: alpha, beta.
On which repo?
Just for reference to make things clear. The discussion is about comparing apples to pears.
While VirtualBox is a type 2 hypervisor, KVM is a type 1 hypervisor. They serve different needs.
In the case of NethServer, a type 1 hypervisor is a layer under NethServer (for instance KVM/Proxmox), and a type 2 hypervisor (phpVirtualBox) is installed in/on NethServer. IMO a very big difference.
I put nethserver-docker to my repo to make it available.
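```
# Add the Docker CE yum repository
wget https://download.docker.com/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
# Install the nethserver-docker package from the mirror
yum -y install https://mrmarkuz.dynu.net/mirror/mrmarkuz/7/noarch/nethserver-docker-0.0.0-1.7.gaaa415f.ns7.noarch.rpm
# Enable Docker in the NethServer configuration database and apply the change
config setprop docker status enabled
signal-event nethserver-docker-update
```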
However, KVM can also run on Neth, correct? I believe that was mentioned up-thread.
Yes, it just slipped my attention, but it’s in the docs.
You’re welcome. It was a quick action just to provide it for testing.
With the sysadmins skilled in Docker and the skilled developers that we are, I am sure we can make it stable.