ironhaven | 21 days ago

I was going to rant about how containerization does not just mean Linux namespaces, but that is what this is.

This project is very similar to Docker, with a background daemon server that you control via a CLI to launch Linux containers.

Because Linux containers need Linux namespaces, each container is run in a virtual machine with a Linux kernel.

wpm|21 days ago

I'm surprised that, given Apple's love of sandboxing, especially on iOS, XNU doesn't have something similar to namespaces or jails.

bjoli|21 days ago

IIRC they went for policy-based sandboxing with Seatbelt and SIRP. That is pretty darn nice for GUI apps, but not very good for things like containers.

lxgr|21 days ago

They don't just need Linux namespaces, they need the rest of Linux too! That's the ABI all software in OCI containers expects.

pjmlp|21 days ago

Not really, Windows containers do exist.