LXD in production environment

fridobox · November 22, 2018, 12:19pm

Same for me

vitalino · November 23, 2018, 4:09pm

Thanks everyone!

Your clarifications was much important for me.

I hope that post helped much other people (~400 views).

Solved.

Hasan_Ahmed · May 13, 2020, 8:31pm

Hi,
Thanks for writing this down. Can I know how you make the containers talk out to network. Like is there any configuration you have done in containers to add domain, I am using a proxy container which then further routes the requests to each domain and this configuration seems not good to me.

derekmahar · May 13, 2020, 10:34pm

What is the origin and meaning of this phrase?

datablitz7 · May 13, 2020, 10:50pm

I’m not sure who coined it first to be honest. It is a way to convey the shift in how we treat our servers: as pets, meaning we nurture them and help them live for a long time, or as cattle, where we have them fulfill their purpose and then kill them. Here is an interesting post on this distinction.

https://blog.octo.com/en/pet-vs-cattle-from-server-craftsman-to-software-craftsman/

Manishfoodtechs · May 14, 2020, 2:24pm

Yes , I Do.
Look at this post : https://unit42.paloaltonetworks.com/attackers-tactics-and-techniques-in-unsecured-docker-daemons-revealed/
You can’t do firewall particularly within a docker container.
But with lxd you can.
ufw enable possible in lxd container but not docker.

bodleytunes · May 14, 2020, 8:42pm

You can run stateful workloads in docker containers, you mount external persistent storage (persistent volumes). These can be local folders or shared storage, many plugins available.

If your using Kubernetes you can run persistent storage with something like Rook or OpenEBS which can deploy ceph on your kube worker nodes and will create the ceph osds, the rbd images and mount persistent volumes to your pods. Quite nifty really.

Firewalling with docker containers would be more akin to policy based rules and an SDN, everything with iptables is automated in Kubernetes, similar to how it is with Openstack Neutron or contrail, its designed to scale so you don’t touch the things at the individual conatiner level.

The downside is running docker on mass with kubernetes requires a lot more planning to have it running correctly. LXD is easier to setup, lower barrier for entry, so for smaller scale seems to fit the bill perfectly and its easier to get your head around it if your coming from the world of VM’s.

I don’t know why more people don’t use LXD, it still seems most people only know VM’s or Docker/kubernetes these days.

Cheers!
Jon.

maherkhalil07 · May 19, 2021, 8:36pm

Hello,
I plan to use LXD for creating and selling VPS. is that the right choice?

stgraber · May 19, 2021, 10:36pm

It can definitely be used for that and a few others have used it for this before.
You’ll need to be careful about security and networking, but that’s the case regardless of the platform you use.

maherkhalil07 · May 20, 2021, 8:46am

Hello Stgraber
How are you?
do you think it is the right choice?
also, did people use that succeeded and still use it?

tomp · May 20, 2021, 8:50am

See also Long-term (3+year) LXD commitment?

maherkhalil07 · May 20, 2021, 8:54am

very good