1. Programming-level, e.g. Python's Virtualenv
  2. OS-level
    1. Application encapsulating:, e.g.Docker (ephemeral, separate storage)
    2. OS encapsulating, e.g. LXC, LXD, and kind-of chroot (UNIX)
  3. Hardware virtualisation
    1. Heavyweight OS (Type 2 hosted hypervisor), e.g. Vagrant (depending on back-end), Virtualbox
    2. (Type 1 bare metal) Hypervisor, e.g. KVM, Hyper-V

Docker, LXC, LXD (uses LXC) all use, on Linux, Linux cgroups and namespaces(net, user, pid, ipc, cgroup).

Kubernetes can be used for orchestration.

You also have things like Firejail, Snap/Flatpak, and AppImage.

Containers may conflate:

  • Security via isolation
  • Packaging dependencies
  • Efficient resource utilisation

Developing with Vagrant

Consider LXD as a lightweight, non-portable alternative.

This is useful if you are working on conflicting projects, or want to keep your computer tidy. Keep your setup on your host (text editor and IDE appliations and their config files), and run the project (any executables) within the container. A shared folder can be used to store the repository.

Vagrant is easy if you use the default Virtualbox provider. And, apparently, impossible with vagrant-lxc :/


Create a merging custom Vagrantfile in ~/vagrant.d/.

If you encounter an issue with double port-forwarding (i.e. a port-forward inside the guest and then using Vagrant's port-forward to forward it to your host): TODO: I have no idea what that is doing ATM.

# Port Forward from local port 8000 to remote port 80, listening on all addresses so that Vagrant's port forwarding works.

kubectl port-forward --address 8000:80

Developing with Docker

Best Practises

  • Use hadolint, a docker file linter
  • Use tini as the correct init (forwards signals and reaps zombies) (article)

results matching ""

    No results matching ""