What is a hypervisor?
TL;DR
Containers were never built for security. Hypervisors were.
Edera gives you the best of both — without the overhead or complexity.
So what is a hypervisor?
Imagine your computer is a big apartment building. Traditional containers are like roommates — sharing the same kitchen, bathroom, and front door (a.k.a. the Linux kernel). They live together, share everything, and hope no one misbehaves.
But sometimes you want privacy. Or you don’t trust your roommates. Or maybe you’re trying to work from home and don’t want someone else’s video streaming slowing down your bandwidth.
That’s where having your own apartment comes in.
A hypervisor is like giving each container its own apartment.
You get walls. A door. Your own bathroom. Your own kitchen. Total isolation.
Hypervisors let you run virtual machines in their own private space — still in the same building, but completely separated. This keeps them safer, quieter, and easier to move around without bothering anyone else.
Here’s the catch: containers don’t use a hypervisor by default. In a typical setup (like Docker on Linux), containers run directly on the host OS, all sharing the same Linux kernel. There’s no hypervisor involved — just kernel namespaces and cgroups trying to enforce boundaries.
So in that shared apartment, if one container escapes or misbehaves, it can reach other containers on the same node. Not great.
How Edera fits in
Edera is like an apartment for your container — in other words, a hypervisor built for containers.
We use a Type 1 hypervisor, which means we live beneath the operating system, not inside it. We sit below the Linux kernel, acting as the landlord. We manage CPU, memory, and access, making sure everything runs smoothly and securely.
But unlike old-school hypervisors, Edera is container-native — designed to work with Kubernetes and modern cloud-native workflows out of the box.
What this lets us do:
- Real isolation: No shared kernel. No noisy neighbors. No lateral movement.
- Performance without compromise: Security, speed, and efficiency — all at once.
- Strong resource boundaries Each workload gets its own slice of CPU and memory, enforced by the hypervisor.
- Drop-in Kubernetes integration: Just use our runtime class — no re-architecting required.
Want a deeper dive? Check out how our architecture works →