So I'm not sure if maybe I'm missing something, but my performance is really bad within docker. And something is goofy with the disk usage. I downloaded a 3.5gb docker image (which downloaded at an expectable speed) and it took roughly 45 minutes to extract and used about 48gb on the disk after extraction. Definitely not what it was supposed to use. Any thoughts on what might be causing this? I also checked the CPU usage and it was in the low 10% during the extraction.
Sorry, just seeing this. It's hard to say because everyone's hardware setup is different. It could be that or a software/config setting in proxmox related to storage... Sorry I know that's not helpful.
excellent video! Exactly what I was looking for as I want as little overhead as possible on a system for Docker Containers. Very helpful and straight forward!
Thank you, I will try to setup it up this way. I have watched many videos and your video it's very easy to follow along. also I am subscribing to your channel!
i dont mean to be offtopic but does anybody know a method to log back into an Instagram account..? I stupidly lost the account password. I appreciate any tips you can give me!
@Caspian Damari I really appreciate your reply. I found the site thru google and I'm in the hacking process atm. I see it takes quite some time so I will get back to you later when my account password hopefully is recovered.
Syedmaaz Rehan what is it about Docker that you want to see? Maybe I can point you to some good videos I learned from or make my own that explains it in my words.
@@AllenSampsell For starters I'd like know how to get started with it and perform sandboxing (isolation) from other containers in Proxmox. You can point me to other videos which you used as reference point for your videos. One other thing. Have you ever tried 64-bit Sophos UTM in Proxmox? I was not able to do it as it got stuck at 33% when it came to install the enterprise tool kit. The 32-bit works just fine.
Syedmaaz Rehan if you’re looking for separation from other LXCs you’ll have that in running it unprivileged. I don’t think that counts as “sandboxing” though.
drreality1 great question. It can absolutely be done that way. But, I don’t like messing with the host system if I can help it. Will it affect updates to Proxmox? Will I lose my work in the containers? And what about the security implications of running it right on Proxmox. Again, it can be done that way. But I wanted a cleaner approach. So far it’s worked really well for my small use case.
I don't understand the use case for this. Docker and LXC are bother container platforms. What's the purpose of running a container platform inside a container from a different container platform? Proxmox sits on Debian, so wouldn't it make more sense to install Docker straight onto Debian, thus removing a layer of abstraction?
Similar but different... Docker and LXC are not the same thing. LXC is essentially a lightweight VM. Docker images containerize individual applications. You could install Docker straight onto the Proxmox host, but this has security implications and may be impacted by system updates. People do it, but I don't recommend it. Putting Docker into an LXC gives you a small and fast platform that can be backed up using the native Proxmox functions. I find that useful but you of course are free to do it however you like. :)
Nice video. I am planning a similar setup. Why did you choose to run the Ubuntu server for docker in a LXC container as opposed to creating a VM, or even installing docker directly on Proxmox?
Installing on Proxmox itself is a security risk and I have VMs running that I wouldn't wan to disturb if I messed something up. A Container just seemed like a great environment to be able work and learn in. I did start with a VM first, that is completely doable, but I saw performance gains using an LXC. The downside is the highly protected nature of the Unprivileged LXC does inhibit the use of shared drives i.e. CIFS/SMB. So it can work both ways.
I use a browser plugin called Stylus to implement it but there is also a way to install it directly onto your server if you want. I just like the option to be able to turn it off when I want. github.com/Weilbyte/PVEDiscordDark
hi Allen!!!, thank you for your video, it is very didactic... I have a question for you, is it possible to run docker into a LXC with alpine SO?.. (sorry for my awful english xD)
Juan Esteban Colcombet sorry lol I don’t think didactic is a good thing. But absolutely you can use Alpine. That is how I did it at first but switched to Ubuntu because I’m more familiar with its commands. Alpine is slightly different so lots of the guides out there which are aimed at Ubuntu become less helpful.
@@AllenSampsell sorry for "didactic" xD... I very like your video... Please can you help me with a docker installation in alpine? I have a error when I try to run hello-world container. # docker run hello-world docker: Error response from daemon: cgroups: cannot find cgroup mount destination: unknown.
@@AllenSampsell same error, I installed alpine-sdk (wiki.alpinelinux.org/wiki/Include:Setup_your_system_and_account_for_building_packages) but the same error is still happen... any way, thank you for your help :)
if i make it an unprivileged container then it wont be possible to make any backups on an external storage, like on my NAS... is there any workaround or setting which fixes that, when making it an unprivileged container?
freeuser616 from what I understand you can mount a NAS share directly to the underlying Linux OS and the container should have access at that point. But it’s really a workaround to me. If you trust the containers you’re running you could make it privileged.
Jim Unroe the personal homepage that runs in a Docker container is called Heimdall you can find it on the Docker hub at linuxserver/heimdall. It’s pretty cool.
@@AllenSampsell With what I learned from the "Installing Docker and Portainer in LXC" video, I have successfully installed the Heimdall docker and pinned Portainer on the dashboard. Thanks.
Jim Unroe glad it helped. I changed my homepage to heimdall’s IP address on my browser and you can even make buttons for favorite websites if you want. They don’t all have to be self hosted apps. But it helps.
I was creating a Debian LXC container but ran into issues. I currently have 1 VM setup and running and have the whole NVME drive setup. I had the Debian images downloaded and when I get to the storage area, It shows nothing. Template has my main "Storage" but the Root Disk doesn't show any "Storage" options. Do you know how to create a new Storage area on a already setup drive? I can't seem to find the proper way to do it without messing up my partitions and everything.
One of you LVM drives from the main install has the ability to store templates for LXC as well as ISO file. You just gotta find it. You can add other drives or even better a shared folder from a NAS that can be used.
Thanks for your Vids Allen. Unfortunately, I play along at home and don't get the same results. I'm doing this in July 2020, so Proxmox is now 6.2-4 and Ubuntu is 20.04. I got as far as this video and then went to install Docker (in accordance with one of you other videos). By the time docker is installed, it all looks good: "root@DockerLXC:~# systemctl status docker * docker.service - Docker Application Container Engine Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled) Active: active (running) since Wed 2020-07-29 09:26:50 UTC; 2min 11s ago TriggeredBy: * docker.socket Docs: docs.docker.com Main PID: 3693 (dockerd)" But if you run the standard docker check when installing on "bare metal" hello-world, of course it's not there and needs to down loads it successfully but you get this error when you run it: "Status: Downloaded newer image for hello-world:latest docker: Error response from daemon: AppArmor enabled on system but the docker-default profile could not be loaded: running `/sbin/apparmor_parser apparmor_parser -Kr /var/lib/docker/tmp/docker-default692500649` failed with output: apparmor_parser: Unable to replace "docker-default". Permission denied; attempted to load a profile while confined? error: exit status 243." I have no idea what this means. Any help would be appreciated or even a hint of where to start
Allen, I watched this video a couple of more times to see if I missed something and if there were differences with the versions of Proxmox and Ubuntu. The hint came at the 10 min mark - the keyctl and nesting needing to be checked. The keyctl option was greyed out. It tuns out that is only available when its an unprivileged container - the only place you can change that is when setting up the generation of a container. Another thing I noticed was that you had the firewall option unchecked. I think later versions they have these default checked. So by unchecking the firewall, making sure the container to be generated was unprivileged, I could then check keyctl and Nesting in the options before starting the LXC. Docker then installed without a hitch and hello-world worked as it should. I hope this helps anyone else having hassles getting it set up
Unfortunately there are just so many variables that it would be hard for me to nail that down even with those error messages. Is your LXC privileged or unprivileged? The default status of an LXC definitely changed since I made that video. Also, is there a reason you're using Ubuntu 20? The template for 18 is still there... Unless you are planning to use the LXC for something other than just docker you could try 18 and see what happens.
@@hardergm Got it! I face another problem, can't make NFS worked on the same LXC server as the NFS will need Privileged with NFS checked. But as you mentioned the keyctl couldn't be selected if we set Unprivileged on.
Frank B sorry but I didn’t install the desktop edition. It’s the LXC template which is basically the server version. I suppose you could install a desktop and then VNC or xRDP inside it but it would need a lot more disk space. I kept it simple with the server version.
@Allen Sampsell I noticed the ISO you had was "ubuntu-18.04.1-desktop-amd64.iso". Isn’t the template just a holder for the ISO? Maybe I’m missing something here. I do not know Linux at all, but I was told that Ubuntu was the easiest way to transition from Windows, So I got a small computer and installed Proxmox and for months now I have been trying to install Ubuntu desktop in an LXC container. I came across one guy who has a tutorial on a Proxmox forum that converted Ubuntu server into a GUI desktop. It didn’t work for me. Would you be willing to show a video on installing Ubuntu in an LXC container? I would appreciate that very much Thanks for your videos, they are very helpful Frank
Frank B yeah I think you’re definitely missing something. I did show ISO files and one was Ubuntu Desktop. But you use the ISO files to create Virtual Machines in Proxmox. Depending on the computer you’re using you might want to just erase Proxmox and install Ubuntu directly. But if you’re doing it just to test different Linux distros then Proxmox will still work. But an LXC is supposed to be small and used for a specific purpose. So it’s not designed to be a desktop version. And if you’re coming from Windows I’d like to suggest you try Mint instead of Ubuntu.
@@AllenSampsell Thanks for your suggestions Allen. I think I will try a VM instead. I have other containers in Proxmox that I want to keep, so Proxmox needs to stay. Hopefully, I can get it to work in a VM. Thanks again
@@SomethingNewToDo Linux Mint Cinnamon is a really nice transition from windows, I used virtual box on a windows ssd to test them and found mint to be the simplest transition. Now I'm dual booting until I find that I no longer need anything from the windows machine.
Aaron Horne lol yes I do. I don’t really use a script so I wander a bit with a stream of consciousness approach. I’m testing out using a script for new videos.
triplexinaz lol no he has a point. I do tend to ramble at times. So I take it as constructive criticism. I’ve been working on it though. My latest video I give a quick version up front and a detailed explanation after that. So hopefully people get what they need but might come back for more info if they want.
