by sjdonado
The Linux kernel's support for namespaces mostly [1]
Isolates an application's view of the operating environment
cgroups provide resource isolation, including the CPU, memory, block I/O and network.
Docker is a set of platform as a service (PaaS) products that use OS-level virtualization to deliver software in packages called containers. [2]
AuFS: advanced multi-layered unification filesystem