One of the most common questions you’ll run into when trying to install Docker in Proxmox is whether you should use a VM (virtual machine) or LXC (Linux Container). I’ve run Docker using both a VM and an LXC for many years, and they are extremely different from a resource and security perspective. In this article, we’ll look at whether you should use a VM or LXC for Docker in Proxmox and then configure each option.
Should You Use a VM or LXC for Docker in Proxmox?
Running Docker in Proxmox on a Linux Container saves resources on the host, is faster, and quite honestly, there’s no other reason to use LXC. In fact, the Proxmox team recommends that you use a VM rather than LXC so that you have the benefit of application containerization. This provides better isolation from the host, increasing the overall hypervisor’s security.
The downside is a VM uses a fixed set of resources, so if you associate 2GB of RAM with the VM, it will always use 2GB of RAM. With an LXC, you’ll only utilize what the LXC actually needs. This is a huge benefit, which comes along with faster boot speeds, so from a performance perspective, an LXC beats out the VM every time. The downside is that from a security perspective, a VM is better isolated (and thus, provides better overall security).
Installing the OS on a Virtual Machine (VM) for Docker
This tutorial to configure a virtual machine for Docker in Proxmox utilizes Ubuntu Server, but you can use just about any distribution you’d like.
1. Download the ISO image of the operating system you’d like to install, select Create VM, then give the VM a name and select Next.
2. Select the Storage location, then the ISO Image, and select Next.
3. Change the System, Disks, CPU, Memory, and Network. After all of the settings have been configured to your specifications, confirm the settings and create the VM!
4. Skip down to the section on installing Docker to complete the installation.
Installing the OS on a Linux Container (LXC) for Docker
Again, the Proxmox team recommends using a VM as opposed to an LXC for long-term stability, though many have used LXC containers and experienced no issues with Docker in Proxmox.
The process below will utilize an LXC container and Ubuntu 22.04, however, you can really use any distribution that you’d like.
1. Login, select the storage location where you’d like to store the container template, select CT Templates, then select Templates.
2. Search for Ubuntu, then select ubuntu-22.04 and Download. For the operating system, you can realistically select any Debian-based OS (I used to use Debian), but I’ve found the performance of Ubuntu to be significantly better.
3. After the template finishes downloading, select Create CT to create a new container.
4. Enter a Hostname, then enter the Password you’d like to use. This password will be used to log in to the root user account. After all the settings have been specified, select Next.
NOTE: Make sure the container stays as unprivileged. You do not want to run Docker in a privileged LXC Container for security reasons.
5. Select the Ubuntu Template, then select Next to proceed.
6. Select the Disk Size for this container, then select Next.
7. Select the total Cores for the CPU, then select Next.
8. Set the total Memory, then select Next.
NOTE: Please keep in mind that this is the limit that this container can use.
9. Change the Network to use DHCP for IPv4 and IPv6 (unless you want to specify them manually), then select Next until you get to Confirm.
NOTE: We are skipping the DNS section, but you can change these settings if you’d like to use a DNS server different than the Proxmox host.
10. Confirm the settings, then select Finish to create the container!
11. Select the LXC Container we just created, then select Options and Edit the Features.
12. Enable “keyctl“, then select OK. You can now start the container!
Installing and Configuring Docker and Portainer on the OS
1. After the container or VM starts, log in with the username root, and password set in step four (of the LXC configuration) or the account configured with the VM. Run the command below to update the system before installing Docker in Proxmox.
apt update && apt upgrade -y2. After the system is updated, run each of the commands below one by one. These are taken directly from the official Docker documentation and are the prerequisites needed to install the latest version.
sudo apt-get updatesudo apt-get install ca-certificates curlsudo install -m 0755 -d /etc/apt/keyringssudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.ascsudo chmod a+r /etc/apt/keyrings/docker.ascAfter the commands above are run, copy and run the entire command below.
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/nullFinally, update the system.
sudo apt-get update3. After all of the commands above have been run, run the command below to install!
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin4. At this point, Docker is fully configured and you’ll be able to create Containers. However, if you’d like a GUI, you can install Portainer using the command below.
docker run -d -p 8000:8000 -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:latest5. If you did install Portainer (and after it’s created), you’ll be able to access Portainer using the IP address of the container and port 9000.
https://[CONTAINER_IP]:9443Conclusion & Final Thoughts on Docker in Proxmox
The biggest question you’ll have to answer about running Docker in Proxmox is if you run it on a Linux Container or if you want to use a VM. The actual setup process is very similar for each method, however, the process of setting up the LXC container or VM is where the steps differ. After using both methods, you should have a functional Docker setup that you can utilize and if you use LXC, you’ll save resources as well!
