---
title: "LXD: Containers for Human Beings"
subtitle: "Docker's great and all, but I prefer the workflow of interacting with VMs"
date: 2023-08-11T16:30:00-04:00
categories:
  - Technology
tags:
  - Sysadmin
  - Containers
  - VMs
  - Docker
  - LXD
draft: true
rss_only: false
cover: ./cover.png
---

This is a blog post version of a talk I presented at both Ubuntu Summit 2022 and
SouthEast LinuxFest 2023. The first was not recorded, but the second was and is
on [SELF's PeerTube instance.][selfpeertube] I apologise for the terrible, but
there's unfortunately nothing I can do about that.

[selfpeertube]: https://peertube.linuxrocks.online/w/hjiTPHVwGz4hy9n3cUL1mq?start=1m

{{< adm type="warn" >}}

**Note:** Canonical has decided to [pull LXD out][lxd] from under the Linux
Containers entity and instead continue development under the Canonical brand.
The majority of the LXD creators and developers have congregated around
[Incus.][inc] I'll be keeping a close eye on the project and intend to migrate
as soon as there's an installable release.

[lxd]: https://linuxcontainers.org/lxd/
[inc]: https://linuxcontainers.org/incus/

{{< /adm >}}

## The benefits of VMs and containers

- **Isolation:** we don't want an attacker to get into our webserver and be able
  to gain access to our email server
- **Flexibility:** <abbr title="Virtual Machines">VMs</abbr> and containers only
  use the resources they've been given
- **Portability:** once set up and configured, VMs and containers can mostly be
  treated as black boxes; as long as the surrounding environment is similar to
  the previous in terms of communication, they can just be picked up and dropped
  on bare metal servers as necessary.
- **Density:**
- **Cleanliness:**

## Virtual machines

```goat
.------------------------------------.
| .--------.  .--------.  .--------. |
| | Guest  |  | Guest  |  | Guest  | |
| |   OS   |  |   OS   |  |   OS   | |
| '---+----'  '---+----'  '---+----' |
| .---+----.  .---+----.  .---+----. |
| | Guest  |  | Guest  |  | Guest  | |
| | Kernel |  | Kernel |  | Kernel | |
| '---+----'  '---+----'  '---+----' |
| .---+-----------+-----------+----. |
| |           Hypervisor           | |
| '---------------+----------------' |
| .---------------+----------------. |
| |          Host Kernel           | |
| '--------------------------------' |
'------------------------------------'
```

## Containers

```goat
        Application containers                    System containers
.------------------------------------.  .------------------------------------.
| .--------.  .--------.  .--------. |  | .--------.  .--------.  .--------. |
| | App 01 |  | App 02 |  | App 03 | |  | | Guest  |  | Guest  |  | Guest  | |
| '---+----'  '---+----'  '---+----' |  | |   OS   |  |   OS   |  |   OS   | |
| .---+-----------+-----------+----. |  | '---+----'  '---+----'  '---+----' |
| |           Hypervisor           | |  | .---+-----------+-----------+----. |
| '---------------+----------------' |  | |          Host Kernel           | |
| .---------------+----------------. |  | '--------------------------------' |
| |          Host Kernel           | |  '------------------------------------'
| '--------------------------------' |
'------------------------------------'
```

## When to use which

### Virtual machines

- Virtualising esoteric hardware
- Virtualising non-Linux operating systems (Windows, macOS)
- Completely isolating processes from one another with a decades-old, battle-tested technique

{{< adm type="note" >}}
See Drew DeVault's blog post [_In praise of qemu_](https://earl.run/rmBs) for a great use of VMs.
{{< /adm >}}

### Application containers

- Microservices
- Extremely reproducible builds
  - (NixOS.org would likely be a better fit though)
- Dead-set on using cloud platforms with extreme scaling capabilities (AWS, GCP, etc.)
- When the app you want to run is _only_ distributed as a Docker container and
  the maintainers adamantly refuse to support any other deployment method
  - (Docker does run in LXD 😉)

### System containers

- Anything not listed above 👍

## Crash course to LXD

1. Install snap following [Canonical's tutorial](https://earl.run/ZvUK)
   - LXD is natively packaged for Arch and Alpine, but configuration can be a massive headache.
2. `sudo snap install lxd`
3. `lxd init`
4. `lxc image copy images:debian/11 local: --alias deb-11`
5. `lxc launch deb-11 container-name`
6. `lxc shell container-name`