Re: [Rdo-list] Why do I need KVM, XEN, if I can use Docker / LXC?
On Mon, Feb 17, 2014 at 11:42:21PM +0100, Arash Kaffamanesh wrote:
Why someone shall use KVM, Xen or other hypervisors instead Docker /
LXC
Containers on OpenStack?
Right now, Docker / LXC provide almost no security. When we have SELinux
support, it'll be better, but you're still depending on a shared kernel.
Virtualization provides a much higher level of isolation.
The shared kernel is also limiting in other ways; you are dependent on the
host kernel to have all of the features you need. And of course if you want
a non-Linux system, that's not possible.
Also, I don't think there's currently a good approach for live migration
with containers.
--
Matthew Miller mattdm(a)mattdm.org <http://mattdm.org/>