Hi HN,

We’ve been experimenting with an alternative to the “one VM per developer” model
for SSH-based development environments. The project is called Containarium:
https://github.com/FootprintAI/Containarium

The idea is simple:
- One cloud VM
- Many unprivileged LXC system containers
- Each user gets their own isolated Linux environment via SSH (ProxyJump)
- Persistent storage survives VM restarts

This is NOT Kubernetes, Docker app containers, or a web IDE.
Each container behaves like a lightweight VM (full OS, users, SSH access).

Why we built it:
We kept seeing teams pay for dozens of mostly-idle VMs just to give people
a place to SSH into. Using LXC, we can host tens or hundreds of environments
on a single VM and cut infra costs significantly.

What we’re looking for:
- Feedback from people who’ve run multi-tenant Linux systems at scale
- Security concerns we might be underestimating
- Where this approach breaks down in real-world usage
- Alternatives we should be considering (LXD, Proxmox, something else?)

Tradeoffs we’re aware of:
- Shared kernel (not VM-level isolation)
- Not suitable for untrusted workloads
- Linux-only
- Requires infra discipline (limits, monitoring, backups)

This is early-stage and open source. APIs and workflows will evolve.

We’re not trying to “replace Kubernetes” — just trying to do one thing well:
cheap, fast, SSH-based dev environments.

Would love blunt feedback from folks who’ve been down this road before.