Well, my read of this is a bit different. This looks to me like a side-effect of the
virtualization changes to the kernel and how Oracle works. Basically, virtualization requires
carving out a set of system resources (memory, cpu, disk, network, etc, etc) and assigning
them to a virtual machine to manage. The key is that the kernel has to be able to define
parameters that can be isolated and restricted in their size and scope. What the container
concept seems to be - which I could be misunderstanding based on only a cursory reading - is
extending that ability to isolate resources to processes running within the base OS.
ie, if you are putting hooks into the kernel to be able to define and limit system resources
for virtual machines, why not extend it to processes and resources at the OS level?