use LXC under heavier virtualization (Xen, KVM,Hyper-V,VMVare)
Is it possible to use LXC under heavier virtualization (Xen DomU, KVM, Hyper-V, VMVare) ? I would like to use it as security (isolation) tool, the ability to limit resource consumption is not priority for me. I am only interested if it can be done in a straightforward way; similar to using LXC on non-virtualized server. I do not want to use too tricky setup on production server.
Solution 1:
Here's an Ubuntu page that shows that you can run in under KVM - https://help.ubuntu.com/community/LXC
--additional info--
I've just completed live implementation of LXC under VMware VSphere, as part of it I did a couple of Proof of Concepts that implemented LXC under KVM and VirtualBox as well here's the link:
http://uncommonsense-uk.com/2012/virtual-machine-stacking-using-lxc-on-top-of-esx/
-ActionJack
Solution 2:
Yes you can. LXC is virtualization per OS; moreover, It's process's isolation, so hardware specific requirements for virtualization doesn't need to be complied. The only thing that you need is a recent kernel >3.13 for all the proper LXC dependencies like namespaces and cgroups.
BUT, you have to be really careful about how you are going to manage your networking architecture/configuration because it can be a pain to set up when you are trying to create a network inside a full virtual machine(KVM, Xen, etc). I strongly recommend using NAT plus a DNS resolver to communicate with the LXC containers.
Solution 3:
I can't talk for Xen or KVM but neither Hyper-V not ESX/i directly support LXC but of course they all support various linuxes and certainly ESX/i allows a hypervisor-within-hypervisor so it might work like that.