LXD is an open source container management extension for Linux Containers (LXC). LXD both improves upon existing LXC features and provides new features and functionality to build and manage Linux containers.
LXD is a representational state transfer application programming interface (REST API) that communicates with LXC through the liblxc library. LXD also supplies a system daemon that applications can use to access LXC and has a template distribution system to enable faster container creation and operation.
Container users should understand that LXC is a Linux system container technology, which is, in some ways, similar to hypervisor-level virtualization, such as VMware ESXi, and, in other ways, similar to application containers, such as Docker.
Important features of LXD
LXD builds on LXC's basic feature set and enhances its capabilities. LXD's benefits include:
- a powerful command-line interface (CLI);
- high scalability;
- improved security, as seen in unprivileged container settings and resource restrictions;
- device pass-through capabilities for Universal Serial Bus (USB), network interface cards (NICs), disks, graphics processors and other hardware;
- improved control over compute resources;
- network and storage management capabilities, such as storage pooling;
- snapshots of running containers; and
- live migration of running containers between hosts.
LXD can also integrate with cloud platforms, such as OpenStack. For example, the Nova LXD project offers a plug-in for OpenStack Nova to integrate containers into OpenStack. Users can create virtual machines (VMs) or containers.
Containers in LXD comprise many elements, including a file system named rootfs; a set of profiles and configuration options that includes the aforementioned resource specifications and limits; device references, such as disks and network interfaces; properties, such as a container's ephemeral or persistent state; and runtime details that are captured by snapshots.
Benefits and drawbacks
While LXD builds upon LXC to enable fine-grained container control and operational security, LXD is not for everyone. The feature set serves no purpose by itself and is only intended to operate in conjunction with LXC. It is possible to use LXC without LXD, but this provides only a bare subset of functions. Instead, LXC is almost always used together with LXD. But taken together, LXC and LXD offer a powerful and practical alternative to other container platforms, including Docker and CoreOS Rkt.
While a viable alternative to other containerization technologies, LXC system container technology does not include an application delivery framework comparable to Docker and Rkt and should not be considered a one-to-one replacement.
LXD versus Docker and Rkt
The fundamental difference between LXC/LXD and other tools such as Docker or Rkt is the type of container that is created.
Docker and Rkt application containers provide ephemeral, stateless containers using minimal resources. Docker and Rkt can download, cryptographically verify and run application container instances.
LXC with LXD creates instances similar to lightweight VMs -- each container running a full Linux system. Each Docker or Rkt container shares the same operating system (OS) kernel.
Docker relied on LXC in its early development but has since changed its code base to create an entirely different platform for containers. Still, Docker is noted for its similarities to LXC/LXD containers. The Rkt tool does not use a daemon, allowing different integration opportunities than Docker.
System and application container platforms are not mutually exclusive and can potentially coexist to provide different instance types depending on user needs. For example, a user can nest a Docker container in an LXD-managed LXC container.
Deployment and implementation in the Linux kernel
LXD is typically added to the Linux kernel. Packaged LXD distributions are available for numerous Linux distributions, including Fedora, Debian, openSUSE, Ubuntu, Alpine Linux, Arch Linux and Gentoo. Users can also obtain LXD builds for Windows and macOS.
The actual installation varies depending on the OS in use but generally relies on Linux commands, such as add and install. A user can also deploy LXD manually from source code. This approach typically requires the latest version of liblxc, the Linux tool Checkpoint/Restore (CRIU) in Userspace and Golang. All of these components should be installed separately. The user then downloads the LXC client and LXD server to the desired directories and adds them to the kernel to create the LXD daemon binary and the LXC command-line client to the LXD daemon.
LXD cost, availability and support
LXD is free and generally available in two release types. Long-term support (LTS) is the production-ready release version. LTS releases include bug fixes and security updates over a period of years but should not receive major new features. Feature releases are the more experimental LXD branch, appearing on a monthly basis with features and functionality that users can try.
Canonical launched LXD in late 2014 and remains a major contributor to LXD. However, LXD is an open source project, so an adopter should consider support when implementing LXC and LXD in a production setting. Support can be obtained from the user community, through professional consulting or service providers, or through the principal Linux vendor. For example, Canonical provides commercial support for LXD on Ubuntu LTS releases.