
#1 2009-12-21 17:46:25

disturb
Member
Registered: 2009-12-18
Posts: 70

Arch & containers ?

I've been messing with Arch for a little while now, I really like it, and would like to use it to set up my web-development environment.

I currently run the following services locally on my main install :
Database server (mongodb, mysql, postgres)
Application server (rails, sinatra, node.js)
Web server (apache, nginx)
Git server
Needless to say, it's quite messy, and a PITA to manage.

So I've been considering using containers in order to encapsulate them, in small, manageable units, clearly separated from my development environment.
And this has been a bit of a mindfuck, for the following reasons...

To my knowledge, there are 3 container technologies :
- V-Server
- OpenVZ
- LXC

And then there is the host/guest paradigm where different setups are possible :
- The system on metal could be Arch, holding the environment, and managing the containers that make up the underlying infrastructure.
- Or the dev environment itself (still Arch) could be just another container, which leaves the possibility of using another distro than Arch on metal.


Has anyone had experience with that kind of setup ? Would Arch be more fitting as the host, guest, both ?

I realize this is quite an open-ended question, and I'm probably looking confused as hell here (I guess I am).
The process sure seems long-winded, but the end result would allow for such flexibility in my work, that I intend to think this through.

I hope someone can share some insight.

Cheers !

Offline

#2 2009-12-22 09:33:45

dschauer
Member
Registered: 2008-02-28
Posts: 95

Re: Arch & containers ?

From my experience with OpenVZ it would work out just as well for the types of containers you wish to run.

My current usage is not exactly like yours, but I'm setting up some new stuff with Arch and LXC that is similar to what you mention. (One box with a variety of services running in different containers.)
I use Arch as a host on a few systems, as host mainly. I've run some Arch guests without much trouble, but for my specific needs I primarily need to use Debian/CentOS/OpenSUSE containers.

OpenVZ is what I started with but I gave up on it due to lack of decent kernel support, so I migrated everything to LXC.
V-Server I could never get working on Arch.
So I switched to LXC.

Last edited by dschauer (2009-12-22 09:35:02)

Offline

#3 2009-12-22 10:26:38

disturb
Member
Registered: 2009-12-18
Posts: 70

Re: Arch & containers ?

dschauer wrote:

From my experience with OpenVZ it would work out just as well for the types of containers you wish to run.

My current usage is not exactly like yours, but I'm setting up some new stuff with Arch and LXC that is similar to what you mention. (One box with a variety of services running in different containers.)
I use Arch as a host on a few systems, as host mainly. I've run some Arch guests without much trouble, but for my specific needs I primarily need to use Debian/CentOS/OpenSUSE containers.

OpenVZ is what I started with but I gave up on it due to lack of decent kernel support, so I migrated everything to LXC.
V-Server I could never get working on Arch.
So I switched to LXC.

That's nice to hear, LXC was the most appealing since it's mainline, but I wasn't sure it was mature/stable enough, so I was kind of leaning towards V-Server, you probably saved me a bunch of time here...

Did you notice any difference in performance between OpenVZ and LXC ?
Also, do you think it makes sense to have your user session set up as a container itself, or is there no benefit over having it directly on the host ?

And thanks for the reply :)

Offline

#4 2009-12-22 13:45:32

dschauer
Member
Registered: 2008-02-28
Posts: 95

Re: Arch & containers ?

I've not noticed a performance difference between LXC and OpenVZ.

OpenVZ is easier to learn, and its tools, tutorials, and canned setups are all more mature.

Once one learns LXC, it is much faster in terms of creating new containers from scratch or cloning an existing container.

LXC is a bit more "down in the mud" so there is more to learn as far as setting up a container (configuration both internal and external to the container).

So far I've not been using LXC in a multiuser setup, apart from me and a few other developers. My usage of LXC is for build/test/backend-services within a larger infrastructure.

Right now in my setups all needed user accounts are in both places for me (both on the controlling host and the containers). I basically treat them as separate machines that have very fast shared file-system mounts.

From my observations, as far as user security, OpenVZ is more secure by default, especially against a root user in a container. LXC seems like it would take a bit more effort to secure.

Offline

#5 2009-12-22 17:46:45

bluewind
Administrator
From: Austria
Registered: 2008-07-13
Posts: 172
Website

Re: Arch & containers ?

If you are talking about http://linux-vserver.org I managed to get it running in vbox, but haven't yet had time to try it somewhere else. AFAIK Linux-Vserver is the only one that lets your progs actually use all your system's RAM. At least in XEN you have to assign some RAM to a VM and even if it's unused other VMs won't be able to use it.

Offline

#6 2009-12-23 18:10:10

dschauer
Member
Registered: 2008-02-28
Posts: 95

Re: Arch & containers ?

By default LXC lets the containers use all available RAM from the controlling host. LXC by default just provides a separate root file-system mount point, and private process id and network namespaces. Everything else is more or less wide open until you start applying restrictions.

In its minimal usage, LXC can be used for private namespaces only, with shared root file-system mount points and shared network namespace.

So no, Linux-Vserver is not the only one that lets your programs actually use all your system's RAM. With the right tweaking, OpenVZ can as well.

LXC and OpenVZ are not VMs like XEN. LXC, OpenVZ, and Linux VServer all use similar techniques to achieve the same basic end goal, which is not the same as Xen, Qemu with KVM, Virtual Box, VMWare, etc.

I chose LXC because it is the only one that has support included in the current official kernels from kernel.org.

Offline
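
Added example, not part of the thread and not LXC project code: a small Python audit of an LXC container config for the restrictions that, per the post above, are absent until you apply them (resource limits, device access, capabilities), plus the private rootfs and network namespace. The key names are the legacy and current spellings from lxc.container.conf(5); the function names and sample configs are constructed for illustration.

```python
# Added example: audit an LXC config for restrictions LXC does not apply
# by default. Sample configs are constructed; helper names are hypothetical.

CHECKS = {
    "private rootfs": ("lxc.rootfs", "lxc.rootfs.path"),
    "private network namespace": ("lxc.network.type", "lxc.net.0.type"),
    "memory limit": ("lxc.cgroup.memory.limit_in_bytes", "lxc.cgroup2.memory.max"),
    "device access policy": ("lxc.cgroup.devices.deny", "lxc.cgroup2.devices.deny"),
    "capability restriction": ("lxc.cap.drop", "lxc.cap.keep"),
}

def parse_config(text):
    """Return {key: [values]}; LXC keys may repeat, so keep every value."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            settings.setdefault(key, []).append(value)
    return settings

def audit(text):
    """Return the sorted restrictions the config does not apply."""
    settings = parse_config(text)
    missing = []
    for name, keys in CHECKS.items():
        values = [v for k in keys for v in settings.get(k, [])]
        if name == "private network namespace":
            # "type = none" shares the host's network namespace
            values = [v for v in values if v != "none"]
        if not any(values):
            missing.append(name)
    return sorted(missing)

SAMPLE_DEFAULTISH = """\
# constructed sample: rootfs and a veth interface, nothing else
lxc.rootfs = /var/lib/lxc/devbox/rootfs
lxc.network.type = veth
"""

SAMPLE_RESTRICTED = SAMPLE_DEFAULTISH + """\
lxc.cgroup.memory.limit_in_bytes = 512M
lxc.cgroup.devices.deny = a
lxc.cgroup.devices.allow = c 1:3 rwm
lxc.cap.drop = sys_module sys_time mac_admin
"""

if __name__ == "__main__":
    print(audit(SAMPLE_DEFAULTISH), audit(SAMPLE_RESTRICTED))
```

A missing memory limit is reported as a finding only; whether to set one is a policy choice for the host owner.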

#7 2009-12-25 21:48:38

disturb
Member
Registered: 2009-12-18
Posts: 70

Re: Arch & containers ?

Actually I'd rather have each container use as many resources as it needs, so I don't unintentionally create bottlenecks which could be tricky in a dev environment...
LXC looks like a good option for my needs, and there are some arch-related resources available, so I'll probably try that.

Thanks for all the replies.

Offline
