Go full VM

[SkyperTHC]

Move from Docker to full VM.

Advantage are:

1. Better security / isolation
2. More features for user
3. Can run docker, systemd ,... (and distroyboxes)

Disadvantage:

1. Needs more (much more) memory/resources . Currently every containers requires ~4MB. A VM instance for each user would run at 64MB+.
2. It needs access to /dev/kvm (which is rarely available from VPS providers)

Happy to do it but who pays for the resources/serves? We have more than 1,000 users and I can count anyone who donated on 1 hand. The future is VM but somebody else has to pay the bill for the servers please. PM me.

Some great links

1. https://github.com/nestybox/sysbox
2. https://unikraft.org/
3. https://jvns.ca/blog/2021/01/23/firecracker--start-a-vm-in-less-than-a-second/
4. https://gitlab.com/soleil-data-treatment/soleil-software-projects/remote-desktop

[theaog]

Instead of going full VM, I'd suggest to consider another cgroups runtime like LXC/LXD which is vastly more configurable than docker is, giving us fine grained settings for security and user features.

[Jiab77]

It needs access to /dev/kvm (which is rarely available from VPS providers)

It depends, you can also find a cheap bare metal server and create a little custom API that can handle all the job?