Proxmox doesn’t recommend doing it.

If you want to run application containers, for example, Docker images, it is recommended that you run them inside a Proxmox QEMU VM. This will give you all the advantages of application containerization, while also providing the benefits that VMs offer, such as strong isolation from the host and the ability to live-migrate, which otherwise isn’t possible with containers.

https://pve.proxmox.com/wiki/Linux_Container

I find it personally trashy, but you do you booboo, people are free to do whatever they want. That’s the beauty

It’s my obsession with security. In general, I hate running things as administrators/root if it doesn’t need it or if it’s possible to give the correct rights to do it without root.

The way I use my Proxmox is:

  • applications that don’t need specific functionalities and can run in an unprivileged LXC, can be used in an LXC.
  • any applications that need specific functionalities or access that will require a privileged LXC will go in a VM.

To explain quickly, anything that runs as root in your Docker container or LXC can corrupt your host. In my lab I only use Podman, I try to run every container as a user with minimum rights and the application inside the containers as a user too. If I run Podman or Docker inside an LXC, it’s a mess to match the rights correctly between the layers.

https://www.reddit.com/r/Proxmox/comments/15dzpp4/comment/ju5r5c5/?utm_source=share&utm_medium=web3x&utm_name=web3xcss&utm_term=1&utm_content=share_button
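The layered ownership the comment describes, as an added example (not part of the quoted comment or of Proxmox's documentation): it resolves which host UID a process ends up with when user-namespace maps are stacked. All maps are constructed; the 100000/65536 range is assumed to be the Proxmox default for unprivileged containers, and the Podman user 1000 with subuid range 10000:5000 is hypothetical.

```python
# Added example: translate a UID through stacked user-namespace maps.
# All maps below are constructed samples in /proc/<pid>/uid_map format.

def parse_uid_map(text):
    """Parse 'inside_start outside_start length' lines into tuples."""
    return [tuple(int(f) for f in line.split())
            for line in text.strip().splitlines()]

def to_parent(uid, uid_map):
    """Map a UID to the parent namespace; None if the UID is unmapped."""
    for inside, outside, length in uid_map:
        if inside <= uid < inside + length:
            return outside + (uid - inside)
    return None

def to_host(uid, layers):
    """Apply maps from innermost layer to outermost; None = no host identity."""
    for uid_map in layers:
        uid = to_parent(uid, uid_map)
        if uid is None:
            return None
    return uid

# No user namespace (privileged LXC, rootful Docker/Podman): identity map.
IDENTITY = parse_uid_map("0 0 4294967295")
# Unprivileged LXC; 100000/65536 is assumed to be the Proxmox default range.
UNPRIV_LXC = parse_uid_map("0 100000 65536")
# Hypothetical rootless Podman run by UID 1000 inside the LXC, with a
# hypothetical subuid range 10000:5000 assigned to that user.
ROOTLESS_PODMAN = parse_uid_map("0 1000 1\n1 10000 5000")

CASES = {
    "root, rootful container, privileged LXC": (0, [IDENTITY, IDENTITY]),
    "root, rootful container, unprivileged LXC": (0, [IDENTITY, UNPRIV_LXC]),
    "root, rootless Podman, unprivileged LXC": (0, [ROOTLESS_PODMAN, UNPRIV_LXC]),
    "app UID 1000, rootless Podman, unprivileged LXC": (1000, [ROOTLESS_PODMAN, UNPRIV_LXC]),
    "UID 6000 outside the subuid range": (6000, [ROOTLESS_PODMAN, UNPRIV_LXC]),
}

def resolve_all():
    """Return {case: host UID or None} for every constructed case."""
    return {name: to_host(uid, layers) for name, (uid, layers) in CASES.items()}

if __name__ == "__main__":
    for name, host_uid in resolve_all().items():
        print(f"{name:50} -> host UID {host_uid}")
```

Only the first case resolves to host UID 0; in the last two, files written by the application appear on the host as UID 110999 or have no host identity at all, so a bind-mounted directory has to be owned by the resolved UID rather than by the UID seen inside the container.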

