[bcoates]

Network namespaces, virtual ethernet interfaces, iptables rules, & union filesystems are all very cheap and have little to no overhead for normal use cases. N processes in 1 container isn't a perf win over N processes in N containers.

Shared process memory isn't the easy memory-consumption win it sounds like, locking is hard to get right, potentially very destructive to the parallel performance that was the point of the whole exercise, and marries you to a single physical box.

Even if you want to take advantage of shared-address-space shared memory you probably want to do it in a more principled way than fork()

One-copy-per-thread and share-by-communicating both give you braindead simple scaling without dealing with that.