Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Do these containers share a common kernel? Or are they each ran in a separate VM?

Edit: It's a VM per container. https://github.com/apple/container/blob/main/docs/technical-...



Isn't it wasteful? I know it's a "tiny" vm but still is a vm


See Kata containers.

https://katacontainers.io/

For ultimate security, containers alone aren't enough.

Windows is also having a similar feature on top of WSL, announced at BUILD.

https://github.com/microsoft/mxc


Isnt this a micro VM and not a container? Confused


A micro VM than encapsulates a single container inside, two levels of protection.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: