Okay, conceptually I understand that they are virtualized machines running discrete applications to fulfill a specific function. The idea is that you’re consuming fewer resources. But that’s about as far as I’ve gotten.
How are they “completely isolated” when they’re sharing the OS? At some point they must be sharing resources and I don’t understand how this is possible when the whole goal is to keep system failures isolated to a specific blast radius.
I’m sure I’ll come up with more questions when I get an answer but that’s where I am atm. Thanks
Containers are a special type of virtual machine that allows you to run multiple copies of a parent OS in private, well, containers. Just like multiple virtual machines can run on a hypervisor, sharing resources, but still be private. Containers are also known as OS-Level Virtualization, where a single kernel can provide multiple unique user-spaces. Special considerations must exist in the kernel to allow for that isolation into unique spaces.
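On Linux, the kernel feature behind these separate user-spaces is namespaces, and each process lists its own under `/proc/<pid>/ns`. The following added example (not part of the original answer) compares two processes to show which namespaces are isolated and which are still shared with the host; the sample link values and inode numbers are constructed.

```python
import os
import re

# Constructed sample: link targets of /proc/<pid>/ns/* for a host process
# and for a process inside a container (inode numbers are made up).
HOST_NS = {
    "mnt": "mnt:[4026531841]", "pid": "pid:[4026531836]",
    "net": "net:[4026531840]", "uts": "uts:[4026531838]",
    "ipc": "ipc:[4026531839]", "user": "user:[4026531837]",
    "cgroup": "cgroup:[4026531835]",
}
CONTAINER_NS = {
    "mnt": "mnt:[4026532571]", "pid": "pid:[4026532574]",
    "net": "net:[4026531840]",    # same inode as host: network stack is shared
    "uts": "uts:[4026532572]", "ipc": "ipc:[4026532573]",
    "user": "user:[4026531837]",  # same inode as host: no separate user namespace
    "cgroup": "cgroup:[4026532575]",
}

NS_LINK = re.compile(r"^(\w+):\[(\d+)\]$")

def parse_ns(links):
    """Map namespace type -> inode number from 'type:[inode]' link targets."""
    out = {}
    for name, target in links.items():
        m = NS_LINK.match(target)
        if not m or m.group(1) != name:
            raise ValueError(f"unexpected namespace link: {name} -> {target}")
        out[name] = int(m.group(2))
    return out

def compare_ns(a, b):
    """Return (shared, isolated) namespace types for two processes."""
    a, b = parse_ns(a), parse_ns(b)
    common = sorted(set(a) & set(b))
    shared = [n for n in common if a[n] == b[n]]
    isolated = [n for n in common if a[n] != b[n]]
    return shared, isolated

def read_ns(pid="self"):
    """Read live namespace links of a process (Linux only, needs permission)."""
    base = f"/proc/{pid}/ns"
    return {n: os.readlink(os.path.join(base, n))
            for n in os.listdir(base) if not n.endswith("_for_children")}

if __name__ == "__main__":
    shared, isolated = compare_ns(HOST_NS, CONTAINER_NS)
    print("shared with host:", shared)
    print("isolated from host:", isolated)
```

Two processes with the same inode number for a namespace type see the same resources of that type, so any entry in the shared list is a place where the container is not isolated from the host.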