Quick container tech comparison

On Linux

On Linux, containers are a product of combining namespaces (to isolate FS mounts, PIDs, etc.), control groups (to affect scheduling and resource allocation), hardening/sandboxing techniques (to prevent or minimise damage from sandbox escapes), and possibly other pieces (like overlay networks, filesystems, etc.).

At the kernel level, there is no notion of a container, so various projects pick up various pieces and stitch them together.
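Because a "container" is only a combination of these pieces, you can audit one per process. This added example (not part of the original page) compares a process's `/proc/<pid>/ns` links and cgroup path against the host's PID 1 to show which kernel features actually separate them. The inode values, cgroup path and function names are constructed for illustration.

```python
import os

NS_TYPES = ("cgroup", "ipc", "mnt", "net", "pid", "user", "uts")

def read_ns(pid, proc="/proc"):
    """Live lookup: map each namespace type to its 'type:[inode]' link target."""
    ns = {}
    for kind in NS_TYPES:
        try:
            ns[kind] = os.readlink(os.path.join(proc, str(pid), "ns", kind))
        except OSError:  # no permission, or kernel built without this type
            ns[kind] = None
    return ns

def parse_cgroup(text):
    """Parse /proc/<pid>/cgroup ('id:controllers:path') into {controllers: path}."""
    groups = {}
    for line in text.splitlines():
        fields = line.strip().split(":", 2)
        if len(fields) == 3:
            # cgroup v2 has an empty controller field; label it "unified"
            groups[fields[1] or "unified"] = fields[2]
    return groups

def isolation_report(host_ns, proc_ns, cgroup_text):
    """Compare a process against the host's PID 1, one kernel feature at a time."""
    report = {"isolated": [], "shared": [], "unknown": []}
    for kind in NS_TYPES:
        host, proc = host_ns.get(kind), proc_ns.get(kind)
        if host is None or proc is None:
            report["unknown"].append(kind)
        else:
            report["isolated" if host != proc else "shared"].append(kind)
    # Seen from the host, a path of "/" is the root cgroup: no group of its own.
    report["cgroups"] = {c: p for c, p in parse_cgroup(cgroup_text).items() if p != "/"}
    return report

# Constructed sample values (not captured from a real system).
HOST_NS = {k: f"{k}:[40265318{i}]" for i, k in enumerate(NS_TYPES)}
# A process unshared from everything except the user namespace, so UID 0
# inside it is still UID 0 on the host.
SAMPLE_NS = {k: (HOST_NS[k] if k == "user" else f"{k}:[40265329{i}]")
             for i, k in enumerate(NS_TYPES)}
SAMPLE_CGROUP = "0::/machine.slice/example-sandbox.scope\n"

if __name__ == "__main__":
    print(isolation_report(HOST_NS, SAMPLE_NS, SAMPLE_CGROUP))
    # On a live Linux host (reading another PID's entries may need root):
    # print(isolation_report(read_ns(1), read_ns(os.getpid()), open("/proc/self/cgroup").read()))
```

A namespace listed under `shared` is one the runtime did not unshare, so that part of the host is directly visible to the process.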

Docker

The hive mind thinks containers == Docker. Well, it does have a LOT of momentum behind it, but it also gets a lot of (partly truthful) criticism.

In no particular order:

LXC

Aka Linux Containers.

Slightly more low-level tool. From what I've gathered:

LXD

Builds on top of LXC. If you're not on Ubuntu, you're out of luck. I've tried to figure out how to install it from source on Debian Jessie, no luck so far.

rkt

Rocket started as a Docker fork from the guys behind CoreOS.

TODO! Yet to try it.

On FreeBSD

FreeBSD jails are a first-class citizen on the OS; the tech has existed and was stable long before the container boom. There's also work underway to run Docker containers natively, through various Linux compatibility layers.

Jails

Docker

On top of all of Docker's problems on Linux, on FreeBSD it brings a bag of its own issues: mainly the fact that it relies on the Linux compatibility subsystem (with its own share of bugs).

On OpenBSD

OpenBSD doesn't have any native "container" technology, but the OS has a very strong focus on security (and making security easy), which makes a lot of its native functionality usable for ad-hoc "containerization" of specific applications. Specifically:

