Hacker News
by icebraining 3391 days ago
> Assuming for a minute that containers aren't in play, then the isolation model becomes that of a server/vm with the associated overhead of each.

Why? There's nothing magical about a container, it's literally just a cgroup of Linux processes. You don't have to use them to get the memory isolation we're talking about - uncontained processes get it too.

That's what we do: one process per client, uncontained, just running on a different system user.

But in any case, sure, use containers, I'm certainly not opposed to them.

1 comments

That really isn't practical given the number of datacentres CF are in * the number of free customers they have.

Perhaps for some tier of paid customer.