[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Rdo-list] Why do I need KVM, XEN, if I can use Docker / LXC?



On Mon, Feb 17, 2014 at 11:42:21PM +0100, Arash Kaffamanesh wrote:
> Why someone shall use KVM, Xen or other hypervisors instead Docker / LXC
> Containers on OpenStack?

Right now, Docker / LXC provide almost no security. When we have SELinux
support, it'll be better, but you're still depending on a shared kernel.
Virtualization provides a much higher level of isolation.

The shared kernel is also limiting in other ways; you are dependent on the
host kernel to have all of the features you need. And of course if you want
a non-Linux system, that's not possible.

Also, I don't think there's currently a good approach for live migration
with containers.


-- 
Matthew Miller           mattdm mattdm org          <http://mattdm.org/>


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]