25
votes

Questions

  • How does lxd provide Full operating system functionality within containers, not just single processes?
  • How is it different from lxc/docker + wrappers?
  • Is it similar to a container that is launched with docker + supervisor/wrapper script to contain multiple processes in one container?

In other words:

  • What can I do with lxd that I cannot do with some wrappers over lxc and docker ?
  • Why is it available only in ubuntu if they are making use of mainline kernel features (namespaces and cgroup )?
3

3 Answers

21
votes

How does lxd provide Full operating system functionality within containers, not just single processes?

Containers are Isolated Linux systems using the cgroups capabilities for limit cpu/memory/network/etc in the Linux kernel, without the need for starting a full virtual machine.

LXD uses the capabilities provided by liblxc (that is based in LXC) and from this comes the capabilities for full OS functionality.

How is it different from lxc/docker + wrappers?

LXD use liblxc from LXC. Docker is more application focused, only the principal process for your app inside the container (using libcontainer now by default, Docker did use liblxc first for this)

Is it similar to a container that is launched with docker + supervisor/wrapper script to contain multiple processes in one container?

Something similar. The diference between LXD and Docker is that Docker is an application container, LXD is a system container. LXD use upstart/systemd like principal process inside the container and by default is ready to be a full VM environment with very light memory/cpu usage. Yes, you can build your docker with supervisorctl/runit, but you need to do manually this process. You can check how is done in http://phusion.github.io/baseimage-docker/ that do something similar inside a container.

What can I do with lxd that I cannot do with some wrappers over lxc and docker ?

live migrations of containers, use your containers like full virtual machines, precise config for dedicate cpu cores/memory/network I/O for use in your container, run your container process in unprivileged mode (root process inside your container != root process in your host) by default Docker work in privileged mode, only now in Docker 1.10 they implement unprivileged mode but you need to review (and maybe rewrite) your Dockerfiles because many things will not work in unprivileged mode.

LXD and Docker are diferent things. LXD gives you a "full OS" in a container and you can use any deployment tool that works in a VM for deploying applications in LXD. With Docker your application is inside the container and you need diferent tools for deploying applications in Docker and do metric for performance.

Why is it available only in ubuntu if they are making use of mainline kernel features (namespaces and cgroup )?

LXD has commercial support from Canonical if is needed, but you can build LXD in Centos 7, ArchLinux (with kernel patched) check https://github.com/lxc/lxd. Gentoo supports LXD now https://wiki.gentoo.org/wiki/LXD.

12
votes

LXD is based on liblxc, its purpose is to control some lxc with added capabilities, like snapshots or live migration. LXD is linked to LXC and they are OS centered.

Docker is much more application centered, based at the beginning on LXC but now independent from LXC, it can use openvz or whatever. Docker only focuses on application with lib and dependency, not on OS.

look at this for more : https://www.flockport.com/lxc-vs-lxd-vs-docker-making-sense-of-the-rapidly-evolving-container-ecosystem/

Regards.

6
votes

LXD works in conjunction with LXC and is not designed to replace or supplant LXC. Instead, it’s intended to make LXC-based containers easier to use through the addition of a back-end daemon supporting a REST API and a straightforward CLI client that works with both the local daemon and remote daemons via the REST API.

LXD is more like docker host.