by cyphar 3629 days ago
> There is no isolation with cgroups in Linux

> containers are resource constraints

I'm going to say this one more time:

Linux containers use namespaces as the primary isolation mechanism -- NOT cgroups. You can create containers without cgroups. This happens to be my problem space too, and you're not helping by spreading ignorance.

> equating cgroups and namespaces with a lightweight virtual machine technology is conflating two different things.

Finally you mention namespaces. Who mentioned "lightweight virtual machines"? Namespaces are just tags for a process that are used to scope operations to provide isolation. Cgroups are different tags used to provide resource constraints. Just because people use containers in that way at the moment doesn't make the underlying technology just about that.

> an operating system I very heavily use, develop on, and engineer for, I would be interested to learn of them.

Arrogance is not an endearing quality.

> If they exist, I have not heard of them

We can play that game all day. I don't care who you have and haven't heard of. Linux has talented kernel engineers, as evidenced by the fact that Linux is widely used for production deployments. You might not agree with what has been built, but you can't deny that it does exist and is being used to power production systems. Please calm down on the saltiness; sodium is bad for your health.
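
An added illustration of the distinction drawn in the comment above (not part of cyphar's comment): namespace membership and cgroup membership are separate per-process attributes, visible in `/proc/<pid>/ns/*` and `/proc/<pid>/cgroup`, so a process can differ from the host in one and not the other. The function names and all sample values are constructed for this example.

```python
import os

# Constructed sample data (not from the thread), in the formats of
# readlink /proc/<pid>/ns/<name> and /proc/<pid>/cgroup (cgroup v2).
HOST = {"ns": {"mnt": "mnt:[4026531841]", "pid": "pid:[4026531836]",
               "net": "net:[4026531840]"},
        "cgroup": "0::/user.slice/session-2.scope\n"}
# New mnt/pid/net namespaces, but still in the parent's cgroup.
ISOLATED = {"ns": {"mnt": "mnt:[4026532510]", "pid": "pid:[4026532512]",
                   "net": "net:[4026532514]"},
            "cgroup": "0::/user.slice/session-2.scope\n"}
# Own cgroup (resource limits), but every namespace shared with the host.
LIMITED = {"ns": dict(HOST["ns"]), "cgroup": "0::/limited.slice/job-7.scope\n"}

def parse_ns(link):
    """'pid:[4026531836]' -> ('pid', 4026531836)."""
    kind, sep, rest = link.partition(":")
    if not sep or not (rest.startswith("[") and rest.endswith("]")):
        raise ValueError(f"not a namespace link: {link!r}")
    return kind, int(rest[1:-1])

def parse_cgroup(text):
    """Map controller list ('' for the v2 unified hierarchy) to cgroup path."""
    entries = {}
    for line in text.splitlines():
        if line:
            _hierarchy_id, controllers, path = line.split(":", 2)
            entries[controllers] = path
    return entries

def compare(a, b):
    """Return (namespaces that differ, whether the cgroup membership matches)."""
    ino_a = {name: parse_ns(link)[1] for name, link in a["ns"].items()}
    ino_b = {name: parse_ns(link)[1] for name, link in b["ns"].items()}
    differing = sorted(n for n in ino_a.keys() & ino_b.keys() if ino_a[n] != ino_b[n])
    return differing, parse_cgroup(a["cgroup"]) == parse_cgroup(b["cgroup"])

def read_proc(pid="self"):
    """Collect the same two views for a live process (Linux only)."""
    base = f"/proc/{pid}"
    ns = {n: os.readlink(f"{base}/ns/{n}") for n in os.listdir(f"{base}/ns")}
    with open(f"{base}/cgroup") as fh:
        return {"ns": ns, "cgroup": fh.read()}

if __name__ == "__main__":
    print(compare(HOST, ISOLATED))  # isolated by namespaces, same cgroup
    print(compare(HOST, LIMITED))   # resource-constrained, not isolated
```

On a Linux host, `compare(read_proc(1), read_proc(pid))` gives the same report for a running process, provided the caller has permission to read both `/proc` entries.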