[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: virtualisation

mick.crane wrote: 
> On 2023-05-22 20:10, Dan Ritter wrote:
> > mick.crane wrote:
> > > This is a request for best practice, perceived knowledge.
> > Try KVM/QEMU, which is available via the libvirt tools; the
> > primary graphical interface is virt-manager, and the primary CLI
> > is virsh.
> > 
> > -dsr-
> 
> This is like a "container" using the kernel from debian installation ?


Let's look at the landscape of partitioning, from least
separated to most.

a program running as root
a program running as a shared user
a program that starts as root and then drops capabilities to run
  as a dedicated user
a program running as a dedicated user
a program running as a dedicated user in a chroot jail
a program running in a container [uses the kernel namespaces
  feature to keep separation for filesystem, network access,
  CPUs]
a program running in a paravirtualized machine [OS calls are
  wrapped and passed through]
a program running in an emulated machine [everything is
  emulated]

libvirt can manage containers, paravirtualized machines, and
emulated machines. KVM/QEMU can handle the latter two.

-dsr-
Reply to: