Virtualization

• kubernetes

• WSL (Windows Subsystem for Linux)

• Distrobox

• Containerization

  • Sandboxed containers -
    • what?
      • uses custom userspace mini-kernel
        • sits between containerized applications and host’s kernel
        • intercepts all the container’s system calls and performs a policy check before passing each call off to the host kernel
    • like
      • gvisor
        • also implements
          • custom TCP/IP stack
          • filesystem proxy - between container & host’s one
        • written in Go, a memory-safe language
        • n
          • won’t be able to use most tools designed for the Linux kernel to debug
          • may need to reimplement kernel features to support some workloads running inside gVisor

• VMs - Virutal Machines

  • MicroVMs -
    • what?
      • use hypervisor, like qemu, to create light VMs per-container
    • n
      • containers here can’t directly share files w the host.
      • fewer ways for a container to interact with the host
    • services
      • AWS Firecracker

• theory

  • GPU passthrough
    • might get you banned on games
    • might need 2 GPUs -