Lightweight Virtualization: LXC Best Practices

by Christoph Mitasch (Thomas-Krenn.AG)

Thursday, 23.05.2013, New York I, 16:00-16:45 Uhr

Operating system-level virtualization allows running multiple isolated Linux containers with only one kernel. It has the smallest overhead and is used since a decade by the webhosting industry for virtual private servers (lately called cloud server).

Linux-Vserver started in 2001, followed by Virtuozzo/OpenVZ with patches to the Linux kernel. In contrast LXC has the goal to bring everything into mainline kernel. It's included since 2.6.29 and most of the distributions support it. LXC makes use of kernel namespaces for isolation and uses cgroups (control groups) for resource limits.

Best practices, pitfalls and how LXC can be used in HA environments with Pacemaker are shown. The new apparmor profile that makes the use of LXC more secure is also discussed. The presentation is intended for system architects, administrators and developers. The level of technical experience is moderate.

About the author Christoph Mitasch:

Christoph Mitasch is working as a technology specialist at Thomas-Krenn.AG. He is currently responsible for maintaining and advancing the webshop infrastructure. Starting as a university project in 2002, he has acquired in depth knowledge in the area of high availability and data replication in Linux. After a few years at IBM, he joined Thomas-Krenn.AG and developed a Linux HA cluster solution with integrated virtualization. Christoph was a speaker at LinuxTag, LinuxCon Europe, Linuxwochen, CeBit and Systems.