Quoting Herbert Poetzl <herbert@13thfloor.at>:
>
> That said, it seems to work in LXC nowadays, so I'm
> kind of confident that with just enough permissions
> it will probably work with only small or no modifications.
>
> To be honest, there hasn't been much interest in getting
> systemd running inside a Linux-VServer guest in the past
> few years ...
>
> Well, if you like systemd and don't mind the reduced
> isolation and slighly higher overhead, you are probably
> fine with LXC.
As you know I've Herbert a company I work for tried to move to LXC. It
wasn't a pleasant attempt. It is documented to be insecure to run
privileged containers, but those are default. Moving to unprivileged
containers means greater security, but breaks SystemD in guests.
That's purely the theory of operation, the practice is even worse.
I've had LXC fail to work on it's parent distro Ubuntu. There's been
additional issues too numerous to mention. The project is not mature
and they change the config file structure every release, even between
say 3.0 and 3.1. Even to projects scope has changed, with bits of
LXCFS being merged into LXC.
I have great hopes for LXC still, but it's really not there yet IMHO.
SystemD on Linux-Vserver would be a great.
Cheers,
Ben
Received on Thu Jan 17 09:31:10 2019