Hacker News new | ask | show | jobs
by throwaway6734 76 days ago
https://docs.docker.com/ai/sandboxes/ Any idea on how that compares to this docker feature in development?
1 comments
figmert 76 days ago
Docker containers use cgroups and namespaces etc (the usual kernel level isolation)

Docker sandboxes use microvms (i.e. hardware level isolation)

Bubblewrap uses the same technology as containers

I am unsure about seatbelt.

link