[Rdo-list] Why do I need KVM, XEN, if I can use Docker / LXC?
Matthew Miller
mattdm at mattdm.org
Mon Feb 17 22:55:40 UTC 2014
On Mon, Feb 17, 2014 at 11:42:21PM +0100, Arash Kaffamanesh wrote:
> Why someone shall use KVM, Xen or other hypervisors instead Docker / LXC
> Containers on OpenStack?
Right now, Docker / LXC provide almost no security. When we have SELinux
support, it'll be better, but you're still depending on a shared kernel.
Virtualization provides a much higher level of isolation.
The shared kernel is also limiting in other ways; you are dependent on the
host kernel to have all of the features you need. And of course if you want
a non-Linux system, that's not possible.
Also, I don't think there's currently a good approach for live migration
with containers.
--
Matthew Miller mattdm at mattdm.org <http://mattdm.org/>
More information about the dev
mailing list