Proxmox Virtual Environment (Proxmox VE) is one of the most powerful open source platforms for virtualization and container management, which is widely used for running VMs and Linux Containers (LXC). Combining it with a containerizing application, such as Docker makes many developers and system administrators want to use them together.
Proxmox Docker combination allows you to benefit from PVE’s resource management, snapshots, and clustering and leverage Docker’s simplicity for application deployment at the same time.
In this guide, we will walk through the different approaches to run Proxmox Docker, the installation steps, and how to make the most out of this hybrid setup.
Can You Run Docker on Proxmox?
You can run Docker on Proxmox using these two primary approaches:
- Docker in a Proxmox VM: this is one of the most common methods and you can create a virtual machine, install Docker, and manage in the regular manner. This offers high flexibility due to strong isolation and compatibility with Docker features.
- Docker in a Proxmox LXC Container: this is a lighter option where you can run Docker inside an LXC container. This requires less resources as compared to a completely isolated VM.
Both methods are reliable and the choice depends on your team and security requirements.
Installing Docker on Proxmox
Here is how you can install Docker on Proxmox in the two main ways described above:
Get exclusive access to all things tech-savvy, and be the first to receive
the latest updates directly in your inbox.
Installation in a VM (Debian/Ubuntu)
Using an isolated Virtual Machine, you need to:
- Create a VM in Proxmox and choose either Debian or Ubuntu for compatibility. Also assign and employ the required resources, such as CPU, RAM, and storage.
- Then update the system, using: sudo apt update && sudo apt upgrade -y
- Install the Docker dependencies using:
sudo apt install apt-transport-https ca-certificates curl software-properties-common -y
- Add Docker’s official GPG key and repositories:
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg –dearmor -o /etc/apt/trusted.gpg.d/docker.gpg
echo “deb [arch=$(dpkg –print-architecture)] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable” | sudo tee /etc/apt/sources.list.d/docker.list
sudo apt update
- Install Docker Engine
sudo apt install docker-ce docker-ce-cli containerd.io -y
- Run Docker without sudo
sudo usermod -aG docker $USER
newgrp docker
Now you can run containers inside your Proxmox VM like on any other server.
Installation in an LXC Container
- Create an LXC container in Proxmox using a Debian/Ubuntu template. Enable nesting and (if needed) privileged mode in the container options.
- Update the container by running: apt update && apt upgrade -y
- Install required dependencies:
apt install apt-transport-https ca-certificates curl software-properties-common -y
- Add Docker’s GPG key and repo, then install
Same as the VM steps:
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg –dearmor -o /usr/share/keyrings/docker.gpg
echo “deb [arch=$(dpkg –print-architecture)] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable” | tee /etc/apt/sources.list.d/docker.list > /dev/null
apt update
apt install docker-ce docker-ce-cli containerd.io -y
- Verify Docker installation by running docker run hello-world
Proxmox and Docker Networking
Networking is one of the most important considerations when running Docker on Proxmox, as it impacts how containers communicate with each other, the hosts, and the outside world.
- Bridge Networking (vmbr0): Most of the Proxmox setups use a Linux bridge that is connected to the host NIC. Both VMs and LXC containers can use this specific bridge, which gives Docker containers direct access to the LAN.
- NAT Networking: using NAT networking, you can assign private IPs to VMs or LXCs and then use NAT for outbound traffic. This is a better and more secure manner but it requires port forwarding for external access.
- Docker Networking Modes: inside your VML/LXC, Docker supports bridge, host, overlay, and macvlan networks.
Storage Considerations for Proxmox Docker
Storage considerations have an effect on both Docker’s performance and reliability on Proxmox.
- Use Docker volumes or bind mounds for a continuous storage stream instead of containers.
- Proxmox has multiple backends like ZFS, Ceph, LVM, or NFS to store data for scalable and redundant storage.
- Proxmox snapshots work best when Docker data is stored on mounted volumes rather than inside ephemeral containers.
- Use ZFS or Ceph storage pools in Proxmox and map them into Docker redundancy and easy recovery.
Managing Docker on Proxmox
Managing Docker inside Proxmox VMs or LXCs is similar to managing it on a separate server, but Proxmox adds an added layer of flexibility.
| Feature | Functionality | Description |
| Portainer | Container & image management | A lightweight GUI for managing Docker containers, images, and networks. Can be installed inside the VM/LXC. |
| Docker Compose | Multi-container orchestration | Useful for defining and running multi-container apps. Works normally in both Proxmox VMs and LXCs. |
| Resource Allocation | CPU/RAM quota control | Proxmox lets you set CPU/RAM quotas per VM or LXC, preventing Docker containers from consuming all host resources. |
| Cluster Management | Node migration & scaling | With Proxmox clusters, you can migrate VMs/LXCs running Docker to other nodes, but persistent storage must be handled properly. |
Performance: Docker on VM vs LXC in Proxmox
When running Docker on Proxmox, performance is highly dependent on the approach that you are using:
- Virtual Machines offer a better isolation factor but increases the overhead costs due to virtualization. They are an ideal solution for production that require intense security, snapshots, and compatibility.
- LXC Containers are more lightweight in comparison and efficient, which offers a bare-metal performance.
In general, for maximum speed and resource efficiency, Docker in LXC is faster, but Docker in a VM is safer for mission-critical deployments.
Security Considerations with Proxmox and Docker
Security is another important consideration while implementing Proxmox with Docker. The two methods have different security restrictions, such as:
- Running Docker inside a Virtual Machine offers an extra layer of isolation between the containers and the host. It is mostly recommended for untrusted or public Docker workloads.
- Running Docker inside an LXC container is less secure since LXC has a shared kernel.
Common Issues and Fixes For Proxmox Docker
| Issue | Cause | Fix |
| Docker fails to start in LXC | Missing cgroup support or incorrect config | Enable nesting=1 and keyctl=1 in LXC container options |
| Network issues with containers | Misconfigured Proxmox bridges or firewall | Verify bridge setup in /etc/network/interfaces and check firewall rules |
| Slow performance in VMs | Limited resources or default disk settings | Assign more vCPUs/RAM and enable VirtIO for networking and storage |
| Storage errors in Docker | Using unsupported storage driver | Switch to overlay2 driver and ensure ext4/xfs filesystem support |
| High resource usage | Too many containers or unoptimized workloads | Use monitoring tools like htop, docker stats, and optimize container resource limits |
Conclusion
Running Docker on Proxmox offers increased flexibility and allows you to choose between VMs or LXC containers for better isolation and performance respectively. By learning the two approaches in detail, you can make the best decision for your team.
FAQs
What’s the best way to install Docker on Proxmox?
The easiest and most reliable method is to install Docker inside a Debian or Ubuntu VM. You can use the official Docker installation script for a clean setup.
How does networking work for Docker on Proxmox?
You can bridge the Docker network to the Proxmox bridge (like vmbr0) to enable external access. For multiple containers, use Docker’s bridge or macvlan networks for better traffic separation.
Are there any performance differences between Docker on VM and LXC?
Yes. LXCs have slightly better performance due to reduced virtualization overhead, but VMs offer more flexibility, security, and compatibility with complex Docker workloads.
