Is Incus suitable as desktop container

Incus
,
1

Hi there :slight_smile:

I plan to have an OS as the foundation of my desktop system, and then run some container or VM on top of it as desktop system.

The basic idea is to use Incus similar to Virtualbox, just with system images for the Linux instances.

I am especially interested into the tooling that is available and for experiences and tips around that.

2

Hi!

Usually you would have a desktop system and run most of your very common desktop applications from within the desktop. For example, it makes sense to run your browser and office suite from your desktop.

Some other desktop applications can be run from within a container, or a VM. You would decide that case-by-case. Note that you can run either a application in a container or a new desktop. The former is easier and more common.

  1. Steam. This one makes sense to run in a container (not VM for performance reasons). When installing, it adds all sort of i386 packages and you would rather not want to pollute your desktop system. I used to run Steam in a container but haven’t tested it recently. They change things in Steam often, therefore you may need to perform some debugging.
  2. Multiple apps that normally support a single account. Example: Viber. You can run a single account in an instance of Viber. By putting Viber in containers, you can have multiple accounts on your desktop system.
  3. Testing desktop software. You create expendable GUI containers, install the desktop software, try, and decide whether to keep or incus delete --force gui15.
2 Likes
3

You could run a completely headless system, and then use incus console on a laptop (say) to access it remotely - or even the incus web interface.

If you want to do this on a single machine, then I think the “base” OS has to be a desktop, and then from within that you can use the incus client to connect to the desktops of incus VMs - which is similar to what you get with Virtualbox.

Note that containers don’t support console --type=vga. Graphical desktops would only be available from VMs, unless you create a container with say a VNC Xserver and connect to that.

Or were you thinking of trying to run a single desktop container, and pass all the graphics hardware directly through to it? That sounds very tricky. I also can’t see how you’d share the keyboard and mouse with the base OS (although I guess you could connect a second keyboard and mouse, and pass those though).

If the idea is for security - running different isolated desktops alongside each other - then you’re essentially trying to reimplement Qubes-OS, and you might be better off using that instead.

1 Like
4

Thanks to @simos tutorials, I was able to get IBM Notes application to run as different users concurrently which I need for legacy infrastructure… it too is 32-bit and is a pain to get working on 64-bit so very happy with it in a container. in the screenshot, they are like normal apps and the desktop UI you see is my actual desktop, not the one in the container.

2024-04-24_20-45
2024-04-24_20-452880×1619 374 KB

2 Likes
5

@Scott_T uses tasksel to run a desktop environment inside an Ubuntu container. You can ask him for details.

If you have a desktop environment on your host, you can run GUI apps the way @mratt showed using the GUI profile.

2 Likes
6

@mratt: by “@simos tutorials” do you mean this one?

7

These old tutorials will be nuked anytime soon and replaced with updated instructions. I assume people reuse them on Incus with minor changes.

Indeed, the new tutorial that covers Wayland as well, is the goto tutorial for GUI on Incus. It’s the one posted above.

8

Thanks, I still plan to run entire operating systems. :slight_smile:

Awesome, that sounds exactly as what I want to do. Thanks :smiley:

I generally like to:

Have one, headless NixOS. Then run at least one KaOS, so a completely normal Linux desktop system, as container on top of it. System container, in this case.

I expect it to be able to access certain files from the host system, and obviously also to use all peripherals, just as normal.

That is when I use the setup on one machine.
Host and container would run on the same device.

And when I want to access the container from outside, I should be able to do that.
I assume, this would be possible with the same setup, using a thin client to operate the desktop.

Thanks a lot, that sounds promising. Will definitely look into that. :smiling_face:

Why? If I login to the host via incus console, and then start the container from there, why would the host need to be a desktop system?

Do I need UI, to do any of this? Is the CLI not enough?

9

I meant “if you want the [GUI] client and the container(s) to be on the same machine”

If the machine where you’re running the incus client is a text-only machine, then text is all you’ll be able to do (e.g. serial console access) - I suppose unless you were able to pass through a whole graphics card to one container.

1 Like
10

I absolutely assumed I would pass the GPU - why would I not do that?
That is supposed to be easy, based on what I read in the documentation.
The GUI profile from above also contains this, thankfully. :smiling_face:

11

The GUI profile assumes you have a regular graphical desktop on the host. It allows applications inside containers to access the host’s Wayland and xWayland / X11 sockets.

1 Like
12

oh, I am fine with that.

Like, Wayland/X11 is enough?
I constantly thought, ‘desktop system’ meant I have to pass the whole DE through it.

I wouldnt have liked this.

Thanks a lot, that solves it for me :partying_face: