Originally posted by CochainComplex
It's not "bare metal virtualization" as there is no VM, no additional kernel, and no hardware virtualization layer to fool such kernel. The proper term is OS-level virtualization https://en.wikipedia.org/wiki/OS-level_virtualization
It's literally just telling the current system's kernel "load libraries for this application from path X instead of from the default system path" and "for this application please block system calls in this blacklist", but the application is talking directly to the same OS kernel as if it was any other application running in the system.
Docker (Flatpak/Snap/LXC/whatever) does not need VT-x/AMD-Vi on Linux.
It needs VT-x on Windows (and Mac I guess) because there Docker is run through a Linux VM and to run the Linux VM you need virtualization because it's a VM.
And why do you need a VM? Because the docker image is not a VM but just a pack of Linux applications and libraries, it needs a host Linux kernel to run.
https://www.unixtutorial.org/does-do...virtualization
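An added example, not part of the post above: a small Python check that makes the "same kernel, different namespaces, filtered syscalls" point observable from `/proc`. The sample data is constructed (not captured from a real system), and `compare`, `parse_status` and `ns_inode` are hypothetical helper names.

```python
import re

# Seccomp field values as reported in /proc/<pid>/status
SECCOMP_MODES = {0: "disabled", 1: "strict", 2: "filter"}

# Constructed samples: /proc/<pid>/status excerpt, `readlink /proc/<pid>/ns/*`
# output and /proc/sys/kernel/osrelease, for a host shell and a containerised
# process on the same machine.
HOST = {
    "status": "Name:\tbash\nPid:\t2211\nNoNewPrivs:\t0\nSeccomp:\t0\n",
    "ns": {"mnt": "mnt:[4026531841]", "pid": "pid:[4026531836]",
           "net": "net:[4026531840]"},
    "osrelease": "6.1.0-18-amd64",
}
CONTAINER = {
    "status": "Name:\tnginx\nPid:\t9034\nNoNewPrivs:\t1\nSeccomp:\t2\n",
    "ns": {"mnt": "mnt:[4026532563]", "pid": "pid:[4026532566]",
           "net": "net:[4026532568]"},
    "osrelease": "6.1.0-18-amd64",
}

def parse_status(text):
    """Turn 'Key:<tab>value' lines from /proc/<pid>/status into a dict."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return fields

def ns_inode(link):
    """Extract the inode from a namespace link such as 'pid:[4026531836]'."""
    m = re.fullmatch(r"\w+:\[(\d+)\]", link)
    if m is None:
        raise ValueError(f"not a namespace link: {link!r}")
    return int(m.group(1))

def compare(proc, host):
    """Report what separates proc from host: namespaces and seccomp, not the kernel."""
    status = parse_status(proc["status"])
    isolated = sorted(
        name for name, link in proc["ns"].items()
        if name in host["ns"] and ns_inode(link) != ns_inode(host["ns"][name])
    )
    mode = SECCOMP_MODES.get(int(status.get("Seccomp", 0)), "unknown")
    return {"same_kernel": proc["osrelease"] == host["osrelease"],
            "isolated_namespaces": isolated, "seccomp": mode}

if __name__ == "__main__":
    print(compare(CONTAINER, HOST))
```

On a live Linux host the same fields can be read from `/proc/<pid>/status` and `/proc/<pid>/ns/` for any process, which is useful when auditing whether a workload actually has a seccomp filter applied.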