Difference between LDX containers and VMs

I was wondering some basic things about LDX containers (how they are different from virtual machines) and also why they would be preferred for shared web hosting:

So as far as differences between VMs - do you allocate a certain amount of RAM or HD space to them? Or can you set them and they scale?

Why would they be preferred for shared web hosting? It seems like there would be some security benefits. Would it guarantee some performance if one site got a ton of traffic?

Would there be any disadvantages to running LDX containers?
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

nociSoftware EngineerCommented:
LDX?... or do you mean LXD... LXD is the frontend for LXC.
LXD is a management layer for LXC...
With LXC  all conatiners (Like Docker) share one kernel... which presents itself as a unique instance to each container.
With regular VM's all VM's also run their own kernel.  (Full VM's or Hypervisors).
With Docker & LXC the kernel code is shared among all containers.

This requires that the container systems are of the same architecture as the host. (Host Linux -> Container Linux  or Host Windows -> Container Windows).... With VM's the Host & Container can differ.   (BTW, Using a Debian Container under a CentOS Host will work if both support the same kernel, mostly does work).

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
burnedfacelessAuthor Commented:
so will I allocate RAM or HD Space to a container?
nociSoftware EngineerCommented:
Yes, but the disk space is a subdirectory on your existing disk...  (that sub directory is the "root" for the container.
(The container cannot go upwards; the host can go into the container directories).
All processes "inside" the container share the RAM with the host. (they are part of the host page tables etc.).
Within the container the uid 0 is NOT uid 0 in the host. (there is a renumbering schema).
Same for PID's so a process list inside the container is different from outside of the container. (try a ps command on both).
One container will not see, be able to access processes & data from another container or the host.
The Five Tenets of the Most Secure Backup

Data loss can hit a business in any number of ways. In reality, companies should expect to lose data at some point. The challenge is having a plan to recover from such an event.

Much depends on your needs. The point noci made.
Lxds operate at host resource level, while VMs are guests and depend on scheduling by a hypervisor allocating resources between/among VMs.

The container provides some isolation compared to a straight forward shared hosting. I.e. DDoS on one site, impacts all, while in the lxd, the impact could be limited to the site/sites within the container only.

VMs you have/consume more since you have to install the os, conf...
burnedfacelessAuthor Commented:
Thanks guys one last question - do I need to give each LXD their own IP Address, or is it sufficient to use IP Tables to forward the request to the container's local IP Address?
nociSoftware EngineerCommented:
the LXD daemon (runs once..., has one address).... it starts LXC environments..
that can have private nets, natted nets, bridged nets...

LXD is the management interface.. (if you compare to XEN,   the Dom0..., and DomU's are done through LXC).
Prabhin MPEngineer-TechOPSCommented:
LXD has it own private netwok, which include the network configuration like bridge, nat,.
For outside access to map to internal network address to the container.
Hope this will help you
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.