What does it mean to contain an application? We have a pretty good concept these days of containing servers, by means of virtualization. Taking physical hardware, turning it into a virtualization host-like Hyper-V, and then running many virtual machines on top of it is a form of containment for those VMs. We are essentially tricking them into believing that they are their own entity, completely unaware that they are sharing resources and hardware with other VMs running on that host. At the same time that we are sharing hardware resources, we are able to provide strong layers of isolation between VMs, because we need to make sure that access and permissions cannot bleed across VMs – particularly in a cloud provider scenario, as that would spell disaster.
Application containers are the same idea, at a different level. Where VMs are all...
