Among other kernel features that LXC uses to contain processes and provide isolation, cgroups are a quite important kernel feature for resource limiting. The LXC that is part of every Linux distribution now was created in 2008 largely based on the efforts from Google. There were other attempts as well, but none of them were comprehensive enough to come close to virtual machines. The Linux community further came up with OpenVZ in 2005 offering operating-system-level virtualization. This was closely followed by Linux-VServer in 2001 with a similar mechanism to partition resources like the file system, network addresses, and memory. ![]() FreeBSD jails offered more explicit isolation with their own network interfaces and IP addresses. A few decades later, FreeBSD extended the concept to introduce jails in 2000 with advanced support for process isolation through operating-system-level virtualization. Of course, chroot didn’t offer anything more than that in terms of process isolation. The tool chroot, introduced in 1979, made it possible to change the root directory of a process and its children to a new location in the filesystem. ![]() We can trace back the history of tools offering some level of process isolation to a couple of decades back. The main concept of containers is to provide isolation to multiple processes running on the same host.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |