DO Ideas 2

Offer LXC-based droplets

Benefits:

* Reduces overhead, in both CPU usage and memory, because of the shared kernel
* Lends itself naturally to file-based backups and snapshots
* Allows for online resizing
* Relieves the user of responsibility for kernel updates

Drawbacks:

* Is still an unproven technology in a commercial hosting environment
* Does not permit control over the kernel for guests

Unknowns:

* May not allow resource isolation as strong as KVM's, but then Linux does have a cgroup-based scheduling option

Since neither KVM nor LXC requires a special kernel or a hypervisor beneath the host kernel, it should be straightforward to offer both, even on the same host machine, and use the same logic for allocating droplets of either type.

  • Matt Campbell
  • Sep 11 2018
  • Will not implement
  • Moisey Uretsky commented
    September 11, 2018 19:28

    No problem, all suggestions are great and they are here so they can be discussed and the best route forward can be decided upon.

    Thanks for your input.

  • Matt Campbell commented
    September 11, 2018 19:28

    I now see the foolishness of this suggestion. I've already found one gaping security hole in LXC (as configured by default in Ubuntu 12.04), and there may well be more lurking. So the theoretically lower overhead of LXC is not worth the risk. I'm sorry to have wasted your time with this suggestion.

  • Moisey Uretsky commented
    September 11, 2018 19:28

    KVM has proven to be very stable and solid and we're sticking with that for a while but thanks for the suggestion. =]

  • Matt Campbell commented
    September 11, 2018 19:28

    Come to think of it, online resizing might not be viable after all if DigitalOcean uses LVM to allocate droplet storage and wants to share the same host machines between KVM-based and LXC-based droplets.

  • Matt Campbell commented
    September 11, 2018 19:28

    Another benefit:

    * Eases creation of custom images from scratch, since the image need not include the kernel