What does Docker add to lxc-tools the userspace LXC tools

Question

If you take a look at Docker s features  most of them are already provided by LXC   So what does Docker add  Why would I use Docker over plain LXC

User · Answer

Going to keep this pithier  this is already asked and answered  above    I d step back however and answer it slightly differently  the docker engine itself adds orchestration as one of its extras and this is the disruptive part  Once you start running an app as a combination of containers running  somewhere  across multiple container engines it gets really exciting  Robustness  Horizontal Scaling  complete abstraction from the underlying hardware  i could go on and on       Its not just Docker that gives you this  in fact the de facto Container Orchestration standard is Kubernetes which comes in a lot of flavours  a Docker one  but also OpenShift  SuSe  Azure  AWS     Then beneath K8S there are alternative container engines  the interesting ones are Docker and CRIO - recently built  daemonless  intended as a container engine specifically for Kubernetes but immature  Its the competition between these that I think will be the real long term choice for a container engine

User · Answer

From the Docker FAQ   Docker is not a replacement for lxc   lxc  refers to capabilities of the linux kernel  specifically namespaces and control groups  which allow sandboxing processes from one another  and controlling their resource allocations   On top of this low-level foundation of kernel features  Docker offers a high-level tool with several powerful functionalities    Portable deployment across machines  Docker defines a format for bundling an application and all its dependencies into a single object which can be transferred to any docker-enabled machine  and executed there with the guarantee that the execution environment exposed to the application will be the same  Lxc implements process sandboxing  which is an important pre-requisite for portable deployment  but that alone is not enough for portable deployment  If you sent me a copy of your application installed in a custom lxc configuration  it would almost certainly not run on my machine the way it does on yours  because it is tied to your machine s specific configuration  networking  storage  logging  distro  etc  Docker defines an abstraction for these machine-specific settings  so that the exact same docker container can run - unchanged - on many different  machines  with many different configurations  Application-centric  Docker is optimized for the deployment of applications  as opposed to machines  This is reflected in its API  user interface  design philosophy and documentation  By contrast  the lxc helper scripts focus on containers as lightweight machines - basically servers that boot faster and need less ram  We think there s more to containers than just that  Automatic build  Docker includes a tool for developers to automatically assemble a container from their source code  with full control over application dependencies  build tools  packaging etc  They are free to use make  maven  chef  puppet  salt  debian packages  rpms  source tarballs  or any combination of the above  regardless of the configuration of the machines  Versioning  Docker includes git-like capabilities for tracking successive versions of a container  inspecting the diff between versions  committing new versions  rolling back etc  The history also includes how a container was assembled and by whom  so you get full traceability from the production server all the way back to the upstream developer  Docker also implements incremental uploads and downloads  similar to  git pull   so new versions of a container can be transferred by only sending diffs  Component re-use  Any container can be used as an  base image  to create more specialized components  This can be done manually or as part of an automated build  For example you can prepare the ideal python environment  and use it as a base for 10 different applications  Your ideal postgresql setup can be re-used for all your future projects  And so on  Sharing  Docker has access to a public registry  https   registry hub docker com   where thousands of people have uploaded useful containers  anything from redis  couchdb  postgres to irc bouncers to rails app servers to hadoop to base images for various distros  The registry also includes an official  standard library  of useful containers maintained by the docker team  The registry itself is open-source  so anyone can deploy their own registry to store and transfer private containers  for internal server deployments for example  Tool ecosystem  Docker defines an API for automating and customizing the creation and deployment of containers  There are a huge number of tools integrating with docker to extend its capabilities  PaaS-like deployment  Dokku  Deis  Flynn   multi-node orchestration  maestro  salt  mesos  openstack nova   management dashboards  docker-ui  openstack horizon  shipyard   configuration management  chef  puppet   continuous integration  jenkins  strider  travis   etc  Docker is rapidly establishing itself as the standard for container-based tooling    I hope this helps

User · Answer

Dockers use images which are build in layers  This adds a lot in terms of portability  sharing  versioning and other features  These images are very easy to port or transfer and since they are in layers  changes in subsequent versions are added in form of layers over previous layers  So  while porting many a times you don t need to port the base layers  Dockers have containers which run these images with execution environment contained  they add changes as new layers providing easy version control    Apart from that Docker Hub is a good registry with thousands of public images  where you can find images which have OS and other softwares installed  So  you can get a pretty good head start for your application

User · Answer

Let s take a look at the list of Docker s technical features  and check which ones are provided by LXC and which ones aren t   Features      1  Filesystem isolation  each process container runs in a completely separate root filesystem    Provided with plain LXC      2  Resource isolation  system resources like cpu and memory can be allocated differently to each process container  using cgroups    Provided with plain LXC      3  Network isolation  each process container runs in its own network namespace  with a virtual interface and IP address of its own    Provided with plain LXC      4  Copy-on-write  root filesystems are created using copy-on-write  which makes deployment extremely fast  memory-cheap and disk-cheap    This is provided by AUFS  a union filesystem that Docker depends on  You could set up AUFS yourself manually with LXC  but Docker uses it as a standard      5  Logging  the standard streams  stdout stderr stdin  of each process container is collected and logged for real-time or batch retrieval    Docker provides this      6  Change management  changes to a container s filesystem can be committed into a new image and re-used to create more containers  No templating or manual configuration required     Templating or manual configuration  is a reference to LXC  where you would need to learn about both of these things  Docker allows you to treat containers in the way that you re used to treating virtual machines  without learning about LXC configuration      7  Interactive shell  docker can allocate a pseudo-tty and attach to the standard input of any container  for example to run a throwaway interactive shell    LXC already provides this     I only just started learning about LXC and Docker  so I d welcome any corrections or better answers

User · Answer

The above post  amp  answers are rapidly becoming dated as the development of LXD continues to enhance LXC     Yes  I know Docker hasn t stood still either   LXD now implements a repository for LXC container images which a user can push pull from to contribute to or reuse   LXD s REST api to LXC now enables both local  amp  remote creation deployment management of LXC containers using a very simple command syntax   Key features of LXD are    Secure by design  unprivileged containers  resource restrictions and much more  Scalable  from containers on your laptop to thousand of compute nodes  Intuitive  simple  clear API and crisp command line experience  Image based  no more distribution templates  only good  trusted images  Live migration   There is NCLXD plugin now for OpenStack allowing OpenStack to utilize LXD to deploy manage LXC containers as VMs in OpenStack instead of using KVM  vmware etc     However  NCLXD also enables a hybrid cloud of a mix of traditional HW VMs and LXC VMs   The OpenStack nclxd plugin a list of features supported include   stop start reboot terminate container Attach detach network interface Create container snapshot Rescue unrescue instance container Pause unpause suspend resume container OVS bridge networking instance migration firewall support   By the time Ubuntu 16 04 is released in Apr 2016 there will have been additional cool features such as block device support  live-migration support

[docker] What does Docker add to lxc-tools (the userspace LXC tools)?

Examples related to docker

Examples related to lxc