CoreOS and ZeroVM are so young that there's not really much literature about them yet. That said, VMs and containers have been around for decades.

Lots of the recent activity is more about packaging and usability improvements, rather than theoretical improvements.

A quick overview: CoreOS is a super-minimal Linux distribution designed to be used as a base for applications. It's essentially equivalent to the JEOS buzzword from five years ago. It would run inside of Xen or KVM or VMWare.

Xen, KVM, VMWare, Virtualbox, you probably already know about- they provide a virtual machine, the operating system running inside of it (theoretically) can't tell it's not on its own hardware. Xen uses a 'hypervisor', which is essentially a very tiny, custom kernel. KVM uses the Linux kernel as the hypervisor, which makes a lot of sense- you don't have to reimplement all the years of hardware support and scheduling work they've done. VMWare and Virtualbox run as applications on whatever OS you provide. You lose out on some opportunities for clever performance hacks this way, but there are other advantages. VMWare ESX[i] is more like Xen & KVM, but I don't really know that much about it.

Containers (BSD jails, Solaris zones, LXC, and of course, HN's lovechild Docker) let you provide VM-like isolation and resource management between processes or groups of processes, but you only run one kernel. This means much less duplicated effort and memory, and Docker's AUFS lets you deduplicate your storage too. There are slightly more security concerns about this approach than full VMs, the Linux kernel (and others, but let's be honest about the target audience) has a long and ugly history of local privilege escalations.

ZeroVM is based on Google Chrome's NaCL, and that's about all I know about it. I would expect VM-like security (it validates machine code), and an environment that requires serious porting from POSIX. That said, if you use Python, Ruby, Mono-compatible .NET, or Go, the heavy lifting has already been done for you.

ESX and ESXi are bare metal hypervisors, unlike KVM which is kind of like a quasi-bare metal hypervisor which happens to sit in the Linux kernel. ESX has been EOL'd, however it relied on something called the "Console OS" to bootstrap itself until the vmkernel would take over and start scheduling tasks. The Console OS was actually a modified Red Hat Advanced Server (later Enterprise Server) instance which once the system was booted would act as a kind of "privileged guest". You could log in to it and do sysadmin-y tasks like add users, install RPMs etc.

ESXi, on the other hand, was written to do away with the Console OS entirely, but it still has a fairly rudimentary shell. Many of the utilities are based on busybox and the idea is it should be stripped down with only really minimal functionality. It also sported something called the Direct Connect UI (DCUI) which is a curses based interface for doing things like settings up an admin password, reviewing logs and changing security settings.

Thanks for the clarification.

As far as I read it, you are wrong about CoreOS. It's meant to be run as a host OS, not as a guest. It provides a minimal Linux Hypervisor you can use to run containers built for docker.

Yes, CoreOS wants to be a host OS, but it's also a ripping good guest OS, because of its minimalism. I'm expecting most people to basically stick their app and nothing else (like, say, a full ubuntu environment) inside of the container.

Hypervisor is the wrong word- that's what you'd call Xen, VMWare ESX or the host KVM kernel.

Thanks, krakensden, for the clarifications. I think reading a few books on operating systems and on the Linux kernel would be a good start.

That said, if you use [...] or Go, the heavy lifting has already been done for you.

Not really. Go used to have a nacl port, but that was years ago. It was abandoned when the nacl people decided to use a different method for isolating code.

Porting Go to use the new method would require writing another compiler, like {5,6,8,}{c,g}.

Late edit: There are talks of reviving the nacl port (not pnacl), something changed in nacl land?

For some reason I thought ZeroVM is based on vx32, not NaCL: http://pdos.csail.mit.edu/~baford/vm/ Does anyone know if there is something similar based on vx32?