Take all the speed and efficiency of Docker, and turn it into a full virtualisation experience. That’s the goal of Canonical’s new initiative to create the next big hypervisor around Linux container technologies. Imagine you could launch a new machine in under a second, and that you could launch hundreds of them on a single server. Hundreds! Now, imagine that you have hardware-guaranteed security to ensure that those machines can’t pry or spy on one another. Imagine you can connect them separately and securely to networks. And imagine that you can run that on a single node or a million, live migrate machines between those nodes, and talk to all of it through a clean, extensible REST API. That’s what LXD sets out to deliver.

Update: a bit more about LXD from Dustin Kirkland.
Very interesting and very promising.
I’ll be watching this project closely.
http://www.ubuntu.com/cloud/tools/lxd
Thank you.
Which is already doing much of this, though an Alpha:
http://osv.io/
That’s KVM and LXC or OpenVZ, isn’t it?
Just a libvirt wrapper in a nice package, I think.
I like Archipel, too. And let’s not forget Proxmox VE.
Isn’t this another example of them forgetting everything that exists now, and doing their own thing?
Is it? Elaborate please.
No. This is Canonical doing something really useful and noteworthy.
Indeed, Canonical do have some really nice cloud management tools.
No, you’re thinking of Red Hat.
Sounds strangely like Solaris jails on Linux.
They’re called zones, and no.
And they descended from FreeBSD jails which is why I referred to them as that.
Why do you say no, could you elaborate?
Crossbow networking
Overlays (sparse zones)
Branded zones
svc framework
and some other minor things
I’m not going to argue which one is better, as that’s pointless.
I will say, however, that they are quite different.
‘..strangely like’ hardly means in totality.
As p13 says, they are very different. Not only from a technical perspective but from a usage perspective. FreeBSD jails are pretty much “fire and forget”, whereas Docker and containers in general give you (possibly ridiculously) incredible flexibility.
FreeBSD jails are the closest thing you can have to a standard VM without having a VM. In that sense, they behave almost exactly as a full OS, with a standard system init, and a monolithic filesystem (although there are some clever things you can do).
Containers give you a lot more rope, and all of it comes in little strands that you can twine together any way you want. It is both very cool and incredibly frustrating, depending on whether you want to play or get something in place quickly.
What they have in common is that they give you a separate userland and separate process space while using the host kernel–ergo performance hit is minimal.
I like both, although for most standard virtual server work, FreeBSD jails carry a LOT less conceptual load than containers.
The main feature seems to be the live migration, but that is something Xen does. Is it the REST API?
Edited 2014-11-05 20:31 UTC
This isn’t like Xen at all…
It is basically a server architecture around LXC, a container implementation.
Apparently they are talking to hardware manufacturers about integrating hypervisor-like features into the silicon, which can then be used to separate containers more completely while remaining light.
The main reason people use things like Xen and KVM instead of containers is that they provide more secure separation between each VM and the main system; this removes that benefit.
Now, the only real reason to use Xen or KVM will be to virtualize other OSes.
I wonder what the Qubes OS founder’s next strategy will be with the LXD announcement. Qubes OS purposely used Xen for the sake of isolation security.
Containers are very different from Xen.
Edited 2014-11-08 05:44 UTC
All of those things that are listed as features can already be done with KVM on linux. The question is “should” they be done. Is it efficient to use the resources that some of those things require for most purposes? Not really.
Yes, but KVM has a LOT of overhead; these are containers offering hypervisor-like features via the hardware.
It is sort of the point of containers though: they use fewer resources than actual hypervisors while remaining somewhat secure – although less secure because of using the same kernel.
This is essentially a best-of-both-worlds thing.
Edited 2014-11-06 00:25 UTC
I should have said LXC offers those features. KVM and containers are different