OS-level virtualization: Difference between revisions

Content deleted Content added
Przemub (talk | contribs)
{{Anchor|IMPLEMENTATIONS}}Implementations: Docker on FreeBSD is dead https://wiki.freebsd.org/Docker#Past_Work
top: Wikify, copy edit, correct internal hyperlinks
Line 2:
{{More citations needed|date=November 2020}}
 
'''OS-level virtualization''' is an [[operating system]] (OS) [[virtualization]] paradigm in which the [[Kernel (operating system)|kernel]] allows the existence of multiple isolated [[user space and kernel space|user space]] instances, calledincluding '''''containers''''' ([[LXC]], [[Solaris Containers|Solaris containers]], AIX [[Workload_Partitions|WPARs]], HP-UX SRP Containers, [[Docker (software)|Docker]], [[Podman]]), '''''zones''''' ([[Solaris Containers|Solaris containers]]), '''''virtual private servers''''' ([[OpenVZ]]), '''''partitions''''', '''''virtual environments''' (''' (VEs'''), '''''virtual kernels''''' ([[vkernel|DragonFly BSD]]), orand '''''jails''''' ([[FreeBSD jail]] orand [[chroot jail]]).<ref>{{Cite web |url=https://www.networkworld.com/article/749098/cisco-subnet-software-containers-used-more-frequently-than-most-realize.html |title=Software containers: Used more frequently than most realize |last1=Hogg |first1=Scott |date=2014-05-26 |website=[[Network World]] |publisher=Network world, Inc. |access-date=2015-07-09 |quote=There are many other OS-level virtualization systems such as: Linux OpenVZ, Linux-VServer, FreeBSD Jails, AIX Workload Partitions (WPARs), HP-UX Containers (SRP), Solaris Containers, among others. }}</ref> Such instances may look like real computers from the point of view of programs running in them. A [[computer program]] running on an ordinary operating system can see all resources (connected devices, files and folders, [[Shared resource|network shares]], CPU power, quantifiable hardware capabilities) of that computer. However, programsPrograms running inside of a [[Containerization (computing)|container]] can only see the container's contents and devices assigned to the container.
 
On [[Unix-like]] operating systems, this feature can be seen as an advanced implementation of the standard [[chroot]] mechanism, which changes the apparent root folder for the current running process and its children. In addition to isolation mechanisms, the kernel often provides [[Resource management (computing)|resource-management]] features to limit the impact of one container's activities on other containers. Linux containers are all based on the virtualization, isolation, and resource management mechanisms provided by the [[Linux kernel]], notably [[Linux namespaces]] and [[cgroups]].<ref>{{cite web|url=http://www.netdevconf.org/1.1/proceedings/slides/rosen-namespaces-cgroups-lxc.pdf|title=Namespaces and Cgroups, the basis of Linux Containers|first=Rosen|last=Rami|access-date=18 August 2016}}</ref>
 
TheAlthough termthe word ''container'', while most popularlycommonly referringrefers to OS-level virtualization systems, it is sometimes ambiguously used to refer to fuller [[virtual machine]] environmentss operating in varying degrees of concert with the host OS,{{Citation e.g.,needed|date=September 2024}} such as [[Microsoft|Microsoft's]]'s [[Hyper-V]] containers.{{Citation Aneeded|date=September 2024}} moreFor historican overview of [[virtualization]] in general since 1960, can be found in thesee [[Timeline of virtualization developmenttechnologies]].
 
== Operation ==
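Review bot: The last paragraph of the hunk carries two {{Citation needed|date=September 2024}} tags inside a single sentence, one after "host OS," and one after "[[Hyper-V]] containers.", and both flag the same claim about the wider use of ''container''. One tag at the end of the sentence, or a source for the Hyper-V example, would cover it with less clutter. In the lead sentence, [[Solaris Containers|Solaris containers]] is listed under both '''''containers''''' and '''''zones'''''; keep the link in one place only, or drop the entry from the containers list if the duplication is not intended. The link [[Workload_Partitions|WPARs]] still has an underscore in its target, which a pass described as "correct internal hyperlinks" could normalize to a space.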