
This doesn't really make sense... the "theory" (or I would say "idea") is OS virtualization. Then you have various kernel features (namespace, cgroups, etc. -- the page mentions them). And then you have user space tools.

There is no "theory" of Linux containers. It's bound to the implementation of Linux. FreeBSD jails are another, earlier, completely separate implementation of the same idea.

Your analogy conflates the separate issues of abstraction vs implementation and kernel vs user space, which just confuses matters.



Maybe theory isn't the best word to describe what I mean. I've updated the posting s/theory/idea/. Basically, I want to illustrate the idea of something vs the implementation.

> There is no "theory" of Linux containers. It's bound to the implementation of Linux. FreeBSD jails are another, earlier, completely separate implementation of the same idea.

I think you have just hit upon my point re: FreeBSD jails are another, earlier, completely separate implementation of the same idea.


Actually you're still a bit off. This is in reference to libcontainer vs lxc only.

libcontainer is a native golang library for accessing all of the Linux namespace and cgroup features of the Linux kernel.

lxc is a project that bundles the namespace and cgroup isolation features of the Linux kernel into a simple set of command line utilities.

Both are not "implementations of an idea". They are abstractions on top of the kernel features.

Edit:

For the parent, s/Libvert/libvirt/. It is a virtualization abstraction library written by Dan Berrange and the Red Hat crew.


I think you're on the right track and I've had the same thought.

The word I used is 'goal' or 'requirement'. Virtualisation is not an end in itself.

The point of virtualisation is isolation. It is not totally successful in that and it is certainly not the only way to get some isolation.

I've been meaning to put together a list of various approaches in a hierarchy of levels.

It would look something like

    * threads

    * processes

    * users

    * 'virtual' ips

    * chroot

    * jails

    * namespaces (same kernel)

    * kernels  (same machine)

    * hardware (same data centre)

These are not linear or orthogonal of course.



