Is it good idea to run container as production?

[nwongrat]

I am NOT a developer. I am just a superuser who love to try things out. I just ran in to the container world. I feel like it much better than vm in terms of performance. Such as backup, start, restart, whatever things you do to container it seems to be a lot quicker than VM.

I am using LXC container (turnkey-core) for all of my container. Below are the question in my mind.
1. does it good idea using container as a production site? In my case WordPress and self-hosted CRM app. Not to mention Windows because I don't know how to run as container.
2. Do I need to separate the container for EACH of the application? or I could just install every application in one LXC container. Everything seem using a little of resources.
3. Is there a way to run windows container under proxmox?
4. If I change any configuration on proxmox host, will it impact the container? Vise versa.

Thank you for all reply.

 

[Dunuin]

I am NOT a developer. I am just a superuser who love to try things out. I just ran in to the container world. I feel like it much better than vm in terms of performance. Such as backup, start, restart, whatever things you do to container it seems to be a lot quicker than VM.

Backups of VMs are much faster...atleast when using snapshot-mode backups to a PBS, as LXCs can't make use of dirty bitmapping.

I am using LXC container (turnkey-core) for all of my container. Below are the question in my mind.
1. does it good idea using container as a production site? In my case WordPress and self-hosted CRM app. Not to mention Windows because I don't know how to run as container.

3. Is there a way to run windows container under proxmox?

LXC stands for "LinuX Container". They share the kernel with the host, so you are potentially more vulnerable as LXCs are less isolated. And as a LXC can't use its own kernel, you are limited to Linux and can't use Win, Mac, FreeBSD and whatever.

2. Do I need to separate the container for EACH of the application? or I could just install every application in one LXC container. Everything seem using a little of resources.

As you like. But the question is....why do you want to virtualize/containerize stuff? If you run all your applications in one LXC or VM a bare metal install would perform better.

4. If I change any configuration on proxmox host, will it impact the container? Vise versa.

Depends. The host is sharing the hardware and kernel with the LXC so there are dependencies.


I would recommend:
If you want to run web services: use VMs because of better isolation/security
If you want to run critical services: use VMs because of less dependencies and better portability
If you want to run application containers like docker: use a VM as this causes less problems
If you need to run a web service but you can't afford better hardware or it is a local service: use a unprivileged LXC
If you want to run some local services that require a NFS/SMB share: use a privileged LXC

 

[nwongrat]

Backups of VMs are much faster...atleast when using snapshot-mode backups to a PBS, as LXCs can't make use of dirty bitmapping.

I have never used snapshot mode for backup since the documentation state the "risk" for this mode. I use stop mode all the time. I have no idea how much potential for the "risk" in snapshot mode so I just make sure of it.

Are you saying that doing snapshot mode is enough for backup vm?

In my case, The majority of vm/container is for "limit the risk". For example, if one die, I can resurrect it in no time without impact to others.
Since the proxmox HA has the 51% node to start up. I can not risk using HA right now. I have only 4 nodes which make I need at least 3 nodes alive at the same time. Too risky me for. I have to reinstall every node one time because of this rule. It kinda pain in my mind.

Thank for every of your reply. I really appreciated.

 

[LnxBil]

I have never used snapshot mode for backup since the documentation state the "risk" for this mode. I use stop mode all the time. I have no idea how much potential for the "risk" in snapshot mode so I just make sure of it.

stopping is - for consistency reasons - always better, but cannot be done for everything and/or all the time.

can not risk using HA right now. I have only 4 nodes which make I need at least 3 nodes alive at the same time.

If you have already a cluster with shared storage (external nfs, external iscsi or CEPH), I'd always go with KVM. You can live-migrate which is currently not possible with LX(C) containers. Just add a PI as a QDevice (quorum device) and you have 5 votes instead of 4 and can use HA.