It is traditional LXC because LXD wasn't out when I set it up originally. I won't build the packages for LXD if I am not even using it properly.
I direct incoming connections using iptables with both the the host and the virtual router. I am extremely confident about moving my installation. I will use Ansible for the provisioning and the configuration. I will install all of the packages I need on a simple VPS. I can still use cgroups to control the resource usage of the processes. It will be moderately easier for me to secure because it is easy to see where everything is and what state everything is in. I backup the VPS with rsnapshot that is running on a host that I have physical access too and I rotate the backup drive to another location. The LXCs are disk images. Could you elaborate on separating data from services? On Thu, 2017-03-30 at 23:07 +0300, Simos Xenitellis wrote: > Is that the traditional LXC or is it LXD/LXC containers? > I have a similar set-up (the latter, with LXD/LXC) and there is also a > vsftpd in the mix. > > I think your question is about best practices and whether your > installation adheres > to some best practices. > How do you direct incoming connections to each container? Do you use > iptables or something else? > If you where to migrate your installation to another VPS, how > confident would you be to do that? > How do you get backups? Do you take snapshots as backups? > > I think that if you reach a point where you separate your data from > the services, the management of the containers > will become much easier and you will feel more confident with the > installation. > > Simos > _______________________________________________ > lxc-users mailing list > [email protected] > http://lists.linuxcontainers.org/listinfo/lxc-users _______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
