After a few earlier failed attempts, today I was successfully able to create an unprivileged LXC container on Debian Stretch for the first time. I had experience of using LXC's more user friendly cousin LXD before I moved to Debian but unfortunately LXD is not available on Debian yet. While LXC is more low level compared to LXD, if you just need a basic container, it's still pretty solid. The Debian wiki on LXC container is fairly straight forward and easy to follow, but still for someone who is a novice to both Debian and LXC, it is very easy to get lost. So I am writing this post so that it can be a good place to start if you need a very basic setup.

This is my second post on LXD containers. Sometimes, using a container is a cleaner way to install and use applications for a number of reasons:

• You can install packages from any version of any distribution. That means, even if you are using an LTS release of Ubuntu like me, you don't necessarily have to stick to an older version of a package. Or if some package is only supported on rpm based distributions, you don't need to worry about it.
• You can go ahead and completely uninstall/reinstall it at any time without worrying about residual files or configurations.
• You can roll back to a previous state in no time if something goes wrong unexpectedly (lxd snapshots!)
• And then there is the security perspective also (lxd containers are secure by nature).

Last weekend I tried running mysql database from a local container and connect to it from my local system. Here's how:

Lately I have been playing around with LXD containers and I must say that I am quite impressed with it. LXD is the virtualization technology that can be used to run a Linux container on a Linux host using the same kernel as the host.

Well, it's a little difficult to grab the idea at first. Unless of course you interacted with it before. You can think of it as a virtual machine that you run using VirtualBox or VMWare on your Linux or Windows host machine but the difference is that when you run a virtual machine, you are running a separate kernel inside the virtual machine but in this case, you are fooling the guest OS running inside the LXD container into thinking that it's running its own kernel whereas it's just using the same kernel running on the host OS. And the result is that you get an isolated container with a much smaller memory footprint and little overhead compared to a full blown virtual machine.