Ask HN: LXC container inside a VM: is it good for scalability?
2 points by yannovitch on May 14, 2013 | 4 comments
Hello,

Who am I? I'm a French "studentrepeneur", doing distance studies in Computer Science & Business, and working on my companies during the day.

What is my problem? (/!\ Test conditions, not in production /!\) I have implemented a hybrid private/public cloud (using OpenStack & OpenNebula) with AMI provisioning. As such, I can use by default my own dedicated servers, then scale up with Amazon EC2 instances if I get too much charge on my private instances. As such, I have one pool of VMs per function: load balancer, one pool for webserver, one pool for proxy, one for DBB, and so forth... I use a mix of different technologies, PHP, Python, and I'm even thinking of trying Go. I use Nginx as reverse proxy and as webserver.

Now, all the domains are grouped (clusterized) together, so they are VM agnostic: I can add as many instances as I want, it will always be presented to the domain as just one big resourceful physical server, not many VMs.

What I would like to do now is to add more security by putting each domain in an LXC container. But I wonder, if I include containers, won't it break my scalability model? If yes, should I use a totally different model? Like, not using a clusterized model but rather a lot of different instances with one per domain? As it's in test and not in production, I can still break everything ;).

Yann



This is a pretty common thing if you want to get absolute separation for applications within a single (large) VM and is used extensively in the PaaS world. Have a look at Cloud Foundry (look on GitHub). This is how it manages containers for each application. Heroku, dotCloud and others seem to follow similar approaches.

Long answer short, an LXC container would look like a self-contained VM to everything outside and from within (except for the controlling VM). You can go with the existing model but I would recommend using one container per application/service. Also have a look at: https://github.com/dotcloud/docker


When you say "one container per application/service", you mean I should use

- one container = one domain? With www.example.com, have one container for www.example1.com with all the services included (webserver_example1, database_example1, ...) in one container? And so forth with www.example2.com, ...

- one container = one service? Have a VM_DB for all the databases with container1 = database_example1, container2 = database_example2, ... have a VM_WebServer with container1 = webserver_example1, ...?

Which approach works the best if I keep adding more and more VMs (with containers inside this VM)?


Thanks a lot for your answer. What about the long answer not short ^^?


OK, after having read the whole night, I think I will go with OpenShift to have PaaS on top of the OpenStack IaaS.

This kind of thing looks like what I want to have: https://www.openshift.com/wiki/architecture-overview

Moreover, when I have other SaaS needs, it looks like it will be easier to deploy.

Y



