by sproingie 918 days ago
A container is simply a process with isolated namespaces — an OS does not run within them, and any hardware access they have is mediated by the OS in the same way as any other process. This being from Linux’s POV anyway: once you’re running Docker on other OSes, there’s a Linux VM in the middle.

You can absolutely run a separate OS in a container. Not the kernel, but everything else.

It's true that you don't have to, but you certainly can.

In fact, the first implementation of containers in Linux - Linux Containers, or LXC - works exactly that way.

This may or may not be as great a distinction as you might want in order to consider it bare metal vs. not. I'll leave that up to you.

Sure, the average container in fact brings along an entire OS distribution like Alpine or Ubuntu or whatnot, but there’s still no extra layers added (save perhaps for the filesystem). Then again, running an OS at all is not “bare metal” by some definitions… it’s all various amounts of alloys I suppose.

I think this part of the discussion is just a disagreement as to what constitutes an OS, and whether running a process with a different rootfs entails "running a different OS".