One of the things that I really like about Proxmox is all the options it gives when it comes to running containers. And, with the new release of Proxmox VE 9.1, there is yet even another way to run your containers in your home lab environment with OCI containers. So, now these containers have become a “first class citizen” in Proxmox and natively supported. So, let’s now compare the three valid ways to run containers in a Proxmox environment in 2025, their strengths and weaknesses, and see which one is right for your home lab or production environment.
What Changed in Proxmox VE 9.1
Let’s first of all review what changed in Proxmox VE 9.1 in case you haven’t heard or didn’t catch my introductory blog post on Proxmox VE 9.1. You can check out that full post here: Proxmox VE 9.1 Launches with OCI Image Support, vTPM Snapshots, and Big SDN Upgrades.
Below is from the local template storage screen where we now have the Pull from OCI Registry button in Proxmox VE 9.1.
Below is a quick list of the high points:
- It now has native OCI container support – This means you can now pull, update, and run OCI images directly on the Proxmox host without needing a Docker VM
- You have support for container templates built from OCI images
- It also means you have support for OCI registries including Docker Hub, GHCR, Quay, and custom registries
- You can take advantage of snapshots and backups for OCI containers using Proxmox storage, including ZFS
- It also has SDN improvements that apply to containers and VMs
- It has integration with the existing Proxmox permission and storage framework for unified container management.
This is a pretty big step forward for home labbers who want to reduce their VM sprawl just for running containers. Now, with the ability to run OCI containers natively on Proxmox, you can pull an application image from something like Docker Hub, and Proxmox spins this up automatically for you inside an LXC underneath the hood, but using the OCI container. So it isn’t including Docker Engine in Proxmox 9.1, but instead is using the LXC container technology to run the OCI container image.
There are some very cool advantages to this since it means that you no longer have to worry about spinning up a dedicated Docker container host running in a VM on your Proxmox host. Also, running Docker in LXC isn’t really supported. And, even though LXCs are lightweight in themselves, it is still all the manual installation steps for whichever application you would run if you decide to just natively install whichever app inside the LXC.
- Check out my post on how to run Docker on Proxmox the right way: How to Run Docker on Proxmox the Right Way (and Avoid Common Mistakes).
The disadvantages of the OCI containers in Proxmox 9.1 include the fact that it is bleeding edge new. So, this is still a technology preview and not GA as of yet. Also, there isn’t a built-in or clear way to update these new OCI containers in Proxmox.
So now that Proxmox has three ways to run containers on top of the hypervisor, how do they compare and which one should you choose when?
Docker VM
Running Docker or Prodman inside a virtual machine is still the most flexible way to run your containers in Proxmox. This is an easy way to run your Docker containers. The workflow for running your containers this way is also pretty simple. First, you create a VM and install it with an OS like Ubuntu Server, or Debian. Then, you install Docker, and start spinning up your application containers. You can use raw Docker Compose code from the command line. Or, you can use a tool like Portainer or Komodo or run your containers using Kubernetes like k3s.
Pros of using a Docker VM
- This is the way to run Docker that has full compatibility with anything built for Docker or Kubernetes
- This is the way that most run Docker in production environments
- You can take advantage of advanced networking using macvlan, IPvlan, overlay networks, Swarm, or k3s CNI plugins.
- Easy integration with tools like Portainer, cAdvisor, Prometheus exporters, Traefik, and Watchtower.
- Snapshot and restore the entire VM with all containers included.
- Highly portable. You can migrate the VM between home lab hosts, clouds, or test clusters.
- Clean separation of the Proxmox host OS and the container runtime.
Cons of a Docker VM
- Resource overhead from the VM itself
- It is less efficient than LXC or Proxmox native OCI containers
- You have more maintenance due to OS patching inside the VM
- More layers between the hardware and the containers
When a Docker VM is the right choice
If you run many containers, use Docker Compose files, depend on Portainer or Traefik, or want to deploy Kubernetes, then the Docker VM remains the best and most predictable option. If you plan to self host 10 to 30 containers, or run full stacks like Gitea with runners, Nextcloud, Plex, FreshRSS, and Nginx Proxy Manager, a Docker VM is still king.
LXC containers
One of the best features I have always thought about Proxmox is that it supports native LXC containers. If you have run VMware or another hypervisor, you know there isn’t really a built-in way to run easy containers. Yes, there is Tanzu for Kubernetes in VMware, but when it comes down to it, there is tons of complexity to running Tanzu in vSphere and many requirements, moving parts, and pieces.
With LXC containers in Proxmox, these are as easily spun up as a new virtual machine. They are extremely fast, since they share the kernel of the Proxmox host and they have low overhead, which is great for self-hosters. You can also do things like snapshot them, back them up, etc.
But, they are more OS-specific containers. They are more akin to running a full VM than they are application containers. That is where Docker comes in. But with LXC, you might think these would serve as great Docker container hosts, but they aren’t actually supported to do that. So it has historically been a bit of either an LXC container or Docker container approach.
Pros of using LXC
- They are very fast and don’t have a lot of overhead
- They need fewer resources than a full Docker container host generally speaking
- They are deeply integrated into Proxmox with networking, storage, permissions, and backup systems.
- Support for unprivileged containers also improves security
- They are really good for stateless or lightweight applications
- You can clone, snapshot, and replicate them
Cons of LXC
- You might find apps that are not supported to be run inside an LXC container due to certain system restrictions or privilege limitations
- A lot of Docker containers can’t be ported over to LXC because they rely on cgroups, specific kernel modules, or some kind of privileged operation
- If you need systemd, it may need extra hoops to jump through to make it work inside of an LXC
When LXC is the right choice
There are definitely use cases where LXC containers can be a great choice. You might decide to host apps like Pi-Hole or AdGuard Home inside an LXC container. Also, if you are running simple web servers, lightweight monitoring tools, databases, or some kind of custom app, these may work really well inside an LXC container.
Historically, if you wanted to run containerized applications that were packaged as Docker images in the OCI format, you would have needed to manually convert these to the LXC format which has not really been an option that has been that popular if at all, or you would just spin up a Debian or Ubuntu VM and load Docker in the VM.
OCI Containers
This is where the new OCI container image support comes into play with Proxmox VE 9.1. It now fills the gap between a full Docker VM and running LXC containers for applications. Now with the native OCI container image support, you can directly pull down OCI compliant container images from the regular registries that we use for running docker container images.
This is an amazing development as it may eventually circumvent the need to run rull on Docker container hosts on Proxmox. Instead, you may just need to pull down the OCI container image and run the Docker-native image inside the new OCI compliant LXC container.
When you pull these OCI compliant images from Docker Hub, GHCR, Quay, Harbor, or your own private registry, Proxmox can now store the OCI layers on its own storage system. Then it treats OCI containers as managed objects similar to LXC containers or VMs. Awesome!
So underneath the hood, it is actually using an LXC container to provision the OCI container image. While this may be a little bit of a mind bender, it sure makes provisioning easier to think about as you can attach resources to the LXC/OCI container as you would anything else, including VLANs.
Pros of OCI containers in Proxmox
- May circumvent the need for Docker container host VMs
- Lower overhead than Docker VMs
- These are compatible with standard OCI images from Docker Hub and other registries
- There isn’t a need to install Docker or Podman
- They are integrated with Proxmox backup and snapshot systems
- They also help to reduce VM sprawl
- It is definitely more secure than running Docker directly on the Proxmox host (which you don’t want to do)
Cons of OCI containers in Proxmox
- It is bleeding edge new, and in Technology Preview
- There is no official way as of yet to update your OCI images you provision this way
- Not a full Docker replacement as you can’t run all Docker Compose stacks
- No support for advanced Docker networking like macvlan or overlay networks but again you can configure the networking like you would an LXC container
- No direct replacement for Kubernetes or Swarm orchestration
- Limited developer tooling compared to Docker
When OCI on Proxmox might be the right choice
If you want to deploy a single container image without building a whole VM, OCI images are a great fit. Good use cases might include workloads or apps like:
- A single instance of Uptime Kuma
- Dozzle
- A lightweight dashboard
- A single microservice
- A small database
- Simple background workers
If your goal is to reduce VM overhead and deploy lightweight services easily from Docker Hub OCI-formatted images, then OCI support, I think, hits the sweet spot.
Comparing Docker VM vs LXC vs OCI containers
Here is a simple table comparing the three different ways to run containerized applications in a Proxmox environment in late 2025:
| Feature | Docker VM | LXC | Proxmox OCI |
|---|---|---|---|
| Performance | High | Very high | High |
| Resource usage | Can be high depending on resources allocated | Very low | Low |
| Docker compatibility | Full | None but can convert to LXC | High |
| Ease of use | Easy | Easy | Easy |
| Backups in Proxmox | Full VM | Full | Full |
| Supports Docker Compose | Yes | No | No |
| Best for large stacks | Yes | No | No |
| Best for simple apps, or single app | Good | Great | Great |
| Networking options | Very flexible | Moderate | Moderate, same as LXC |
| Isolation level | Strong | Moderate | Moderate as it runs in an LXC |
So after considering what we have about the three ways that you can run containerized apps in late 2025 in Proxmox, Docker VMs still provide the most flexibility and support for real world container stacks. LXC containers still have a place and provide great performance and low overhead but are not compatibile without conversion with OCI container images. OCI containers (new with Proxmox 9.1) offer the best middle ground for lightweight apps that you want to deploy directly on the node and makes this easy now to spin up without first installing Docker somewhere.
Which option is best now in late 2025?
If you want a simple rule of thumb, here is how to choose between Docker VMs, LXC, and Proxmox OCI containers.
Use Docker VM if:
- You run more than a few containers
- You depend on Docker Compose
- You run Portainer, Traefik, Authelia, or other multi container apps
- You want to keep the Proxmox host clean
- You want to be able to migrate your Docker VM to another node or cluster
Use LXC if:
- You want great performance and low overhead
- You use apps that run cleanly in LXC
- You want easy snapshots and cloning
- You like running small individual services without an entire VM
Use Proxmox OCI containers if:
- You want a lightweight way to run one or two container images
- You want to use the same images you find on Docker Hub
- You want to avoid running a full Docker VM
- You want your OCI containers (using Docker images) to be native Proxmox objects
- You deploy apps that have simple runtime requirements
Summary table of use cases and which you might consider:
| Container Method | Best Use Case | Why It Matters in 2025 |
|---|---|---|
| Docker VM | Full Docker Compose stacks, multi-service apps, Portainer, Traefik, large self-hosted deployments | Still the only way to run full Docker and Compose workflows with complete compatibility and advanced networking options that are native to Docker. This is still the way to go for complex container stacks. |
| LXC Container | Lightweight single apps, DNS utilities, small web servers, scripts, and background services | This option offers near bare metal performance with low overhead, so great for simple and efficient home lab services. |
| OCI Container (Proxmox 9.1) | Running Docker images directly in Proxmox without needing a Docker VM, single microservices, quick deployments | This new way introduces true Docker image compatibility inside Proxmox which is awesome |
| Mixing All Three | Typical home labs that run both simple services and multi container stacks | Provides the highest flexibility ever seen in Proxmox, letting you choose the best container approach per workload without forcing everything into a VM. |
Wrapping up
With Proxmox VE 9.1, the home lab now has more options than ever before. Proxmox is becoming my favorite hypervisor when it comes to running containers just simply due to the amount of options it gives us when we need to containerize an application. We can still use full virtual machines for Docker hosts when these make sense as they probably still will for production workloads. But, we still have LXC containers for quick and easy “VM-like” environments to load up applications. But, we now have the new OCI container compatibility in Proxmox 9.1 that gives us this really nice third option that is looking like it will be a game changer. Let me know. Have you tried this out yet? What are your thoughts on the impact this will have in the home lab and production environments?
About The Author
