Pika

They are very nice. They share kernelspace so I can understand wanting isolation but, the ability to just throw a base Debian container on, assign it a resource pool and resource allocation, and install a service directly to it, while having it isolated from everything without having to use Docker’s emphereal by design system(which does have its perks but I hate troubleshooting containers on it) or having to use a full VM is nice.

And yes, by Docker file I would mean either the Docker file or the compose file(usually compose). By straight on the container I mean on the container, My CTs don’t run Docker period, aside from the one that has the primary Docker stack. So I don’t have that layer to worry about on most CT’s

As for the memory thing, I was just mentioning that Docker does the same thing that containers do if you don’t have enough RAM for what’s been provisioned. The way I had taken that original post is that specifying 2 gigs of RAM to the point the system exhausts it’s ram would cause corruption and the system crashes, which is true but docker falls for the same issue if the system exhausts it’s ram. That’s all I meant by it. Also cgroups sound cool, I gotta say I haven’t messed with them a whole lot. I wish proxmox had a better resource share system to designate a specific group as having X amount of max resources, and then have the CT or vm’s be using those pools.

Yea I plan to try out the new Proxmox version at some point to try that out, thank you again.

I think we might have a different definition of Virtualized and containers. I use IBM’s and Comptias definitions.

IBM’s definition is

Virtualization is a technology that enables the creation of virtual environments from a single physical machine, allowing for more efficient use of resources by distributing them across computing environments.

The IBM page themselves acknowledges that containers are virtualization on their Containers vs Virtual Machines page. I call virtualization as an abstraction layer between the hardware and the system being run.

Comptia’s definition of containers would be valid as well. Which states that containers are a virtualization layer that operates at the OS level and isolates the OS from the file system. Whereas virtual machines are an abstraction layer between the hardware and the OS.

I grew this terminology from my comptia networking+ book from 12 years ago though, which classifies Virtualization as “a process that adds a layer of abstraction between hardware and the system” which is a dated term since OS level virtualization such as Containers wasn’t really a thing then.

Will be looking into that, I haven’t upgraded from 8.4 yet. That sounds like a pretty decent thing to have. Thanks!

Your statements are surprising to me, because when I initially set this system up I tested against that because I had figured similar.

My original layout was a full docker environment under a single VM which was only running Debian 12 with docker.

I remember seeing a good 10gb different with ram usage between offloading the machines off the docker instance onto their own CT’s and keeping them all as one unit. I guess this could be chalked down to the docker container implementation being bad, or something being wrong with the vm. It was my primary reason for keeping them isolated, it was a win/win because services had better performance and was easier to manage.

Sorry, make legal requires the lawyer subroutine which requires full access to everything to verify you have the money to be able to make such a claim

as much as I would love this. If it ever did become a thing, what you would see wouldn’t be companies taking the fine, you would see companies “off-branching” and having income be reported on a parent company that is contracted to the offending company. like in the case of alphabet, they would likely just migrate the android division to be a contractee that they have full control over that they never terminate the contract for. They no longer “own” android legally, they contract android to do their bidding. So when it ends up in court, it ends up as a “well Android did it not us” much like how Amazons third party delivery services worked when they tried to enforce unionization laws.

some important clarification though, that is a hard cap, realistically it will likely be quite a bit less.

Concidering that they were estimated to be making 31 billion USD off the android ecosystem alone back in 2016 over 10 years 2006-2016, im sure it’s not even a drop in the bucket now.

This is a great way to say it. I feel the same. You put the same effort in regardless where it comes from.

When you say moderated, do you mean a comment or did you do another post? if its a comment is that something your instance does? or did it just fail to send. you peaked my curiosity because I wasn’t aware of instances filtering comments, only posts.

I’m not a mod but, to me I see self hosting as maintaining your own setup. If it’s hosted in a cloud you still are maintaining the setup you are just offloading hardware responsibilities to someone else.

It’s not like you are signing up for google photos and then saying “yo guys I have my own photos self hosted”, you still are putting the pain and suffering into making it work, you just aren’t worrying about the hardware or network requirements (outside of security)

Being said, some people firmly see "“self-hosting” as you buy the parts, install and configure everything and it’s coming out of your house.

It’s a sticky situation, imo that type of ideology also throws any type of using a DNS/DDOS host out the window as well., but again YMMV depending on who you ask.

I definitly think if you are installing -> configuring -> maintaining and then -> using. you meet the definition of self hosting.

edit: Being said, looking at the log, your deleted post was the one about your current external host provider dropping you due to heavy load(they were eco friendly) right? I can kind of see why they felt this didn’t meet the environment of the community. But i see both sides of the argument.

are you are saying running docker in a container setup(which at this point would be 2 layers deep) uses less resources than 10 single layer deep containers?

I can agree with the statement that a single VM running docker with 10 containers uses less than 10 CT’s with docker installed then running their own containers(but that’s not what I do, or what I am asking for).

I currently do use one CT that has docker installed with all my docker images, which I wouldn’t do if I had the ability not to but some apps require docker) but this removes most of the benefits you get using proxmox in the first place.

One of the biggest advantages of using the hypervisor as a whole is the ability to isolate and run services as their own containers, without the need of actually entering the machine. (like for example if I"m screwing with a server, I can just snapshot the current setup and then rollback if it isn’t good) Throwing everything into a VM with docker bypasses that while adding headway to the system. I would need to backup the compose file (or however you are composing it) and the container, and then do my changes. My current system is a 1 click make my changes, if bad one click to revert.

For resource explanation. Installing docker into a VM on proxmox then running every container in that does waste resources. You have the resources that docker requires to function (which is currently 4 gigs of ram per their website but when testing I’ve seen as low as 1 gig work fine)+ cpu and whatever storage it takes up which is about half a gig or so) in a VM(which also uses more processing and ram than CT’s do as they no longer share resources). When compared to 10 CT’s that are finetuned to their specific app, you will have better performance running the CT’s than a VM running everything, while keeping your ability to snapshot and removing the extra layer and ephemeral design that docker has(this can be a good and bad thing, but when troubleshooting I learn towards good).

edit: clarification and general visibility so it wasnt bunched together.

I don’t like how everything is docker containerized.

I already run proxmox, which containerizes things by design with their CT’s and VM’s

Running a docker image ontop of that is just wasting system resources. (while also complicating the troubleshooting process) It doesn’t make sense to run a CT or VM for a container, just to put docker on it and run another container via that. It also completly bypasses everything that proxmox provides you for snapshotting and backup because proxmox’s system is for the entire container, and if all services are running on the same container all services are going to be snapshotted.

My current system allows me to have per service snapshots(and backups), all within the proxmox webUI, all containerized, and all restricted to their own resources. Docker is just not needed at this point.

A docker system just adds extra headway that isn’t needed. So yes, just give me a standard installer.

I think this is very likely the reason yea.

I’m also now finding out that they had to censor the coverart of the switch 2 edition a few weeks ago as well which I was unaware of. If it turns out they knew for awhile that it would be censored, and just chose not to tell anyone that is going to permanently damper my opinion of their studio. Like it’s one thing to be like “This was forced upon us last minute so we threw a solution together” it’s a whole different situation of knowing that it was going to happen, then refusing to tell the consumers about it since you knew it would lower sales.

Along with that, we asked for comment from AdHoc concerning the decision to censor Dispatch’s Deluxe Edition artwork on the Nintendo eShop as compared to the PC/PS5 release, and if that indicated any censorship in the game itself. We were told that “unfortunately, the studio cannot comment on the topic at this time.” Along with that, it was said that if AdHoc is able to discuss the matter down the road, their comment would be shared with us.

It sounds to me like they knew this change was going to be required at that point, but didn’t want to publicly announce that, which puts a pretty bad taste in my mouth about the intent of the studio.

This is likely it.

There is also the rumor that this wasn’t a choice by Nintendo, but a choice of the dev’s so they didn’t have to have two separate editions to be able to sell in Japan(like they already do for the playstation edition). If that’s the case this makes it even worse IMO since it wasn’t like a last minute “BTW this is a thing” they had plenty of time to tell buyers that the product was altered

The fact that they allow Resident Evil Village of all games on the Switch but don’t allow this animated nudity scene is insane to me. RE Village was one of the most graphic games I have ever seen.

edit: I Just realized Cyberpunk 2077 was released on it no censorship. How did dispatch get censored but that was allowed through lmao

If there’s a way of pulling a Docker container and running it directly as a CT on Proxmox, please fill me in. I’ve been using it for a year and a half to two years now, but I haven’t seen any ability to directly use a Docker container as an LXC.

This is what I currently do with non-specialized services that require Docker. I have one container, which runs Docker Engine, and I throw everything on there, and then if I have a specialized container that needs Docker, I will still run its own CT. But then I use Docker Agent, So I can use one administration panel.

It’s just annoying because I would rather just remove Docker from the situation because when you’re running Proxmox, you’re essentially running a virtualized system in a virtualized system because you have Proxmox, which is the bare bones running a virtualized environment for the container, which is then running a virtualized environment for the Docker container.

For VMs, I fully agree with you, but the best part about Proxmox is the ability to use containers, or CTs, which share system resources. So unlike a VM, if you specify a container has two gigs of RAM, that just means that it has two gigs of RAM that it can use, unlike the VM where it’s going to use that amount (and will crash if it can’t get that amount)

These CT’s do the equivalent of what docker does, which is share the system space with other services with isolation, While giving an easy to administrate and backup system, while keeping it able to be seperate by service.

For example, with a Proxmox CT, I can do snapshots of the container itself before I do any type of work, if where if I was using Docker on a primary machine, I would need to back up the Docker container completely. Additionally, having them as CTs mean that I can run straight on the container itself instead of having to edit a Docker file which by design is meant to be ephemeral. If I had to take troubleshooting bare bones versus troubleshooting a Docker container, I’m going to choose bare bones every step of the way.(You can even run an Alpine CT if you would rather keep the average Docker container setup)

Also for the over committing thing, be aware that your issue you’ve stated there will happen with a Docker setup as well. Docker doesn’t care about the amount of RAM the system is allotted. And when you over-allocate the system, RAM-wise, it will start killing containers potentially leaving them in the same state.

Anyway, long story short, Docker containers do basically the same thing that a Proxmox CT does. it’s just ephemeral instead of persistent, And designed to be plug-and-go, which I’ve found in the case of running a Proxmox-style setup, isn’t super handy due to the fact that a lot of times I would want to share resources such as having a dedicated database or caching system, Which is generally a pain in the butt to try to implement on Docker setups.