4 comments

[ 2.2 ms ] story [ 18.2 ms ] thread
Hi HN,

We’ve been experimenting with an alternative to the “one VM per developer” model for SSH-based development environments.

The project is called Containarium: https://github.com/FootprintAI/Containarium

The idea is simple: - One cloud VM - Many unprivileged LXC system containers - Each user gets their own isolated Linux environment via SSH (ProxyJump) - Persistent storage survives VM restarts

This is NOT Kubernetes, Docker app containers, or a web IDE. Each container behaves like a lightweight VM (full OS, users, SSH access).

Why we built it: We kept seeing teams pay for dozens of mostly-idle VMs just to give people a place to SSH into. Using LXC, we can host tens or hundreds of environments on a single VM and cut infra costs significantly.

What we’re looking for: - Feedback from people who’ve run multi-tenant Linux systems at scale - Security concerns we might be underestimating - Where this approach breaks down in real-world usage - Alternatives we should be considering (LXD, Proxmox, something else?)

Tradeoffs we’re aware of: - Shared kernel (not VM-level isolation) - Not suitable for untrusted workloads - Linux-only - Requires infra discipline (limits, monitoring, backups)

This is early-stage and open source. APIs and workflows will evolve.

We’re not trying to “replace Kubernetes” — just trying to do one thing well: cheap, fast, SSH-based dev environments.

Would love blunt feedback from folks who’ve been down this road before.

I did the exact same thing for my own sandboxing. Through the Proxmox API
I use Incus and Proxmox for this, more mature and have quite a bit built around them. What does Containarium bring to the table compared to them?
How does one run docker inside an unprivileged LXC container?

If a developer can run Docker inside this, what stops them from mounting volumes from the host or changing namespaces?

Is this relying on user namespaces ?