The concept of containers is a virtualization sharing the same kernel instance. For the majority of use cases, sharing the same kernel is sufficient and a virtual machine is not needed. For the cases where differences must exist between kernels, where these differences are not specifically provided for in cgroups/namespaces, a virtual machine is needed.