Virtual Machine with local directory storage?
- Thread starter pmlearner
- Start date
Hmm, not really in such a straight forward way, the VM may not understand the filesystem layout (e.g., if not a Linux VM) and it would breach the guest to host barrier, for CTs this is only possible as CT and host share the OS Kernel.
What'd be your use case, just sharing a directory between host and guest?
What'd be your use case, just sharing a directory between host and guest?
I'm coming from an openvz background (pre-ploop) where all files were in /vz/private/VEID. All my hosts and containers/VMs are Linux. The advantages for me are :
- easily copy files in and out of container.
- mass update containers (outside of a normal package) - if security required a replacement file I could do so from the host node without any regard to the container setup (assuming it was running the same base os of course). No need to install client software, etc.
- when restoring from backup i can prioritize certain subdirs by restoring the base os and then rsyncing "important" files first. With .raw, etc. I have to rsync the whole backup at once. I could mount the .raw on the backup server but that seems like more potential trouble. With a plain directory I can backup and restore to nearly anything.
I have found that there are many sysadmin tasks that I need to do on containers and having access to the filesystem from the host node makes this much easier.
Regarding security, either way the OS is using some file (or set of files) as the VM filesystem so seems it would be the same.
I tried to move to lxc but have learned it does not have the same isolation as openvz. I looked openvz 7 but it seems it only supports older OS's at this point (no Centos 8 vm's for example).
All input is appreciated!
- easily copy files in and out of container.
- mass update containers (outside of a normal package) - if security required a replacement file I could do so from the host node without any regard to the container setup (assuming it was running the same base os of course). No need to install client software, etc.
- when restoring from backup i can prioritize certain subdirs by restoring the base os and then rsyncing "important" files first. With .raw, etc. I have to rsync the whole backup at once. I could mount the .raw on the backup server but that seems like more potential trouble. With a plain directory I can backup and restore to nearly anything.
I have found that there are many sysadmin tasks that I need to do on containers and having access to the filesystem from the host node makes this much easier.
Regarding security, either way the OS is using some file (or set of files) as the VM filesystem so seems it would be the same.
I tried to move to lxc but have learned it does not have the same isolation as openvz. I looked openvz 7 but it seems it only supports older OS's at this point (no Centos 8 vm's for example).
All input is appreciated!
Could you elaborate?
Most people use LXC on top of ZFS, because you have everything mounted and can replace files etc. All the cool stuff that OpenVZ did back in the days work with LXC, at least the most stuff I use, so the migration from OpenVZ zu LXC was easy.
on lxc it seems all containers share the same load average, dmesg, etc. I have found a way to lock out dmesg but still not ideal (now there is just no dmesg at all for containers). I need full separation for my containers.
Let me know if I'm missing something to make lxc more isolated. I'm not running zfs but am very excited to give it a try. Will be great if I can access files like you describe. For whatever reason my hetzner config skipped zfs. Can't re-install as I have things running on it now but hopefully will come across another cheap dedicated server to test it on soon.
Let me know if I'm missing something to make lxc more isolated. I'm not running zfs but am very excited to give it a try. Will be great if I can access files like you describe. For whatever reason my hetzner config skipped zfs. Can't re-install as I have things running on it now but hopefully will come across another cheap dedicated server to test it on soon.
Last edited:
Ah, that is what you mean. Yes, the load is shared and dmesg can be forbidden but there is currently - to my knowledge - no way around the load issue. Maybe we'll get something in the future with a newer version of LXC, but I do not know.
Yes, I would not want it any other way. I hate mounting raw files and handling with stuff in the overcomplicated way.
Hi,
Mybe a better idea would be to use ansible. You could solve very optimal all of your task presented by you.
Mybe a better idea would be to use ansible. You could solve very optimal all of your task presented by you.