I have a server with a bunch of services just as Docker containers. I see that Proxmox is popular among the self-hosting community. I was wondering why?
I understand that running things in a VM provides better security than running them in a container. But is the difference so important given the relatively low risk that an exploit happens inside a container that leads to doing damage to the host machine?
There’s also obviously the additional overhead of using Proxmox. It wouldn’t be an issue for me as I should have enough resources to, say replace all my Docker containers with VMs. I’m more wondering if the security difference is so massive, or if there is another reason I’m missing why people use Proxmox.
Or am I misunderstanding how people use Proxmox? I was assuming people would use it like how you use Docker, i.e. different services get their own VM/container. If you have a different kind of setup I’d be interested in hearing it.
I think you got plenty of great answers already. Security is not a real concern for a home user. It’s not even for the enterprises. Container escapes are extremely rare and Kubernetes is used very widely among some of the largest companies in the world running thousands of containers.
I think in general people start out in VMs and advance to containers. If you are already using containers stick with it, otherwise you are taking a step back.
Now for why you might want to run proxmox? I do it because I wanted windows, Linux and Jellyfin with hardware decoding on one server.
Interesting perspective—I had thought that running an entire VM would be more difficult, but I’ve never used virtualisation for server stuff, only ever used VMs with a GUI VM manager on my personal computer. Thanks for the input.
VMs on a server are great fun, and there are some use cases where you’d absolutely need them (as parent said, running Windows on a Linux server, etc). I virtualized my whole-network router using virtualized OPNSense which is BSD based.
If you aren’t into spending time (and, eventually , money) on a setup that does “everything”, you don’t need Proxmox.
But it’s fucking AWESOME for tinkering. I think the question to ask yourself is, do you want a homelab, or do you want to just set-it-and-forget-it?
If you want services to be there without spending time on it, keep it simple. If you want the power that added complexity brings, and you have the means (time/energy/maybe money for upgrades etc) then by all means take the leap. It’s fun as hell, if you’re into it.
I’ve worked in enterprise software the better part of a decade and if there were security concerns about container escapes they wouldn’t be so widely used.