
Run Docker containers natively in Proxmox 9.1 (OCI images)

nirav72

I played with this a bit today. Only downside is, no easy way to update containers yet. But on the other hand, no more dealing with macvlan or custom docker networks.

dijit

“update”, I assume you mean “recreate with new image”?

I think Docker itself doesn’t support that.

doubled112

I use Docker compose to recreate containers with a new image regularly.

I'm sure you could be creative with volumes in Proxmox and build a new LXC container from a new OCI image with the old volumes attached.

dijit

> I use Docker compose to recreate containers with a new image regularly.

Try doing so without the compose file though.

haunter

This is something I've always loved about Unraid. The whole apps/containers ecosystem is so well done.

caymanjim

It's unclear to me why running Docker directly in Proxmox (it's just Debian) and using it like any other Docker host is a bad idea, and why this extra layer of abstractions is preferable.

Docker has security issues if you're not careful, and it's frankly kind of a shitshow out of the box with defaults. Maybe that's part of the reason. But I struggle to see how a bespoke solution like this is the right answer.

simcop2387

Largely management, observability, and then the way that Docker mucks with firewalls. Running them this way will allow Proxmox to handle all that in the same way (I assume) as the LXC and VMs, so automation and all the rest can be consistent.

zatarc

I've been running Docker natively on the host since Proxmox 7. The only major problem was an iptables rule that I had to add so that the containers are accessible from outside. Besides that, it runs smoothly.

dizhn

They are converted to LXC images then run. No compose file either. Still pretty neat.

_ache_

I have an "error" "I am not a teapot"

719 - I am not a teapot Espresso Web (Red Hat Enterprise Linux) at raymii.org

Looks suspicious, ... not 418, 719.

radiator

I think 418 is 'I am a teapot' so it would not be correct to use it in your case. 719 must be a typo though, perhaps it should be 419.

k__

Is this similar to what FlyIO is doing? Running containers as microVMs?

indigodaddy

Perhaps in spirit? But I don't think you can term LXC a microVM, and I doubt they start close to as fast as Firecracker or smolbsd, and similar ilk. EDIT - appears I am probably wrong about Firecracker being faster than LXC, as LXC is kernel-based virtualization and likely has faster startup than microVMs?