Digi Embedded Yocto supports containerization, the process of bundling an application together with all its dependencies in a simulated environment. Containers are lightweight, portable, and self-sufficient units of software.

With Digi Embedded Yocto you can use:

  • LXC

    LXC, or Linux Containers, is a virtualization technology that enables the execution of multiple isolated Linux systems (containers) on a single host. Unlike traditional virtual machines that emulate entire hardware stacks, LXC specializes in operating system-level virtualization. It provides a lightweight environment that shares the host’s kernel while ensuring process and network isolation.

  • Docker

    Docker is a powerful tool for building, deploying, and managing applications using containers. Docker provides a platform and ecosystem for developers and system administrators to create, distribute, and run containerized applications efficiently.

Comparison between Docker and LXC

Abstraction Level

  • LXC operates at a lower level of abstraction compared to Docker. It provides lightweight operating system-level virtualization, allowing you to run multiple isolated Linux containers on a single host.

  • Docker builds on top of the container runtime containerd and adds tools and features for container management, image distribution, and application deployment. Docker provides a higher-level abstraction for packaging, distributing, and running applications as containers.

Tooling and Ecosystem

  • LXC is more focused on providing the core functionality for running Linux containers. While there are tools available for managing LXC containers (such as LXD), the ecosystem is not as extensive as Docker’s.

  • Docker provides a comprehensive set of tools and a rich ecosystem for building, packaging, and deploying containerized applications. This includes Docker Engine, Docker Compose, Docker Swarm, Docker Hub, and Docker Enterprise Edition.

Workflow

  • LXC is typically used more for system-level containerization, where you directly interact with the container runtime tools and manage containers using traditional Linux commands and utilities.

  • Docker promotes a developer-friendly workflow with its Dockerfile format for defining container images, Docker Compose for defining multi-container applications, and Docker Hub for sharing and discovering container images.

Portability

  • LXC containers are more tightly coupled to the host system’s kernel and may not be as portable across different Linux distributions or kernel versions. However, recent developments such as LXD and containerd have improved portability and interoperability.

  • Docker containers are highly portable and can run on any system that supports Docker Engine, regardless of the underlying infrastructure. Docker provides a consistent environment for developing, testing, and deploying applications across different environments.

Security

  • LXC provides basic isolation and security features at the operating system level, but additional security measures may need to be implemented manually depending on the specific use case.

  • Docker provides additional security features such as Docker Content Trust (DCT) for image signing and verification, Docker Security Scanning for vulnerability scanning, and Docker Secrets for managing sensitive data.
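To make the "implemented manually" point for LXC concrete, the following added example (not part of the Digi documentation) audits an LXC container configuration for four hardening settings from lxc.container.conf(5): UID/GID mapping, capability restriction, a seccomp profile, and no_new_privs. The container name, paths and ID ranges in the sample configurations are constructed assumptions.

```python
# Constructed sample configs; names, paths and ID ranges are assumptions.
WEAK_CONFIG = """\
lxc.uts.name = sensor-app
lxc.rootfs.path = dir:/var/lib/lxc/sensor-app/rootfs
lxc.net.0.type = veth
"""

HARDENED_CONFIG = WEAK_CONFIG + """\
# Map container root to an unprivileged host UID/GID range
lxc.idmap = u 0 100000 65536
lxc.idmap = g 0 100000 65536
# Drop capabilities the application does not need
lxc.cap.drop = sys_admin sys_module sys_rawio sys_time
lxc.seccomp.profile = /etc/lxc/sensor-app.seccomp
lxc.no_new_privs = 1
"""

def parse(text):
    """Return {key: [values]} for an LXC config; keys such as lxc.idmap repeat."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        conf.setdefault(key, []).append(value)
    return conf

def audit(text):
    """Return a list of findings; an empty list means every check passed."""
    conf = parse(text)
    findings = []
    # Without both a uid and a gid map, root in the container is root on the host.
    kinds = {v.split()[0] for v in conf.get("lxc.idmap", []) if v.split()}
    if not {"u", "g"} <= kinds:
        findings.append("no uid+gid idmap (privileged container)")
    # An empty value clears the list, so require at least one non-empty entry.
    if not any(conf.get("lxc.cap.drop", []) + conf.get("lxc.cap.keep", [])):
        findings.append("no capability restriction (lxc.cap.drop/keep)")
    if not any(conf.get("lxc.seccomp.profile", [])):
        findings.append("no seccomp profile")
    if conf.get("lxc.no_new_privs", ["0"])[-1] != "1":
        findings.append("lxc.no_new_privs not enabled")
    return findings

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, audit(cfg) or "OK")
```

The parser does not follow `lxc.include` directives, so settings inherited from an included file are reported as missing.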

Summary

Overall, Docker is often preferred for application-level containerization and microservices architectures due to its developer-friendly workflow, rich ecosystem, and portability. LXC is more suitable for system-level containerization and environments where low-level control and performance are critical.

Check the following topics for specific details: