While Linux namespaces provide a good foundation for embedded application isolation, popular containers mostly focus on Linux fragmentation, and none of Docker, LXC, Snap or Flatpak focuses on embedded system constraints. Everyone understands that installing a software component on millions of cars, on a submarine or in a train is very different from installing a new application on a desktop or a phone. Embedded containers target managed systems that, on one hand, require less composability than a phone or desktop and, on the other hand, require stronger control over package qualification and resource usage.
This talk presents how to run containerised programs under heavy resource constraints. It shows how containers make it possible to operate multiple flavors of a given toolkit, and finally how containers simplify configuration management, security, the hierarchical model and SOTA.