From a consumer/user perspective almost none of the benefit of containers is available to the end-user. Features sets vary wildly by operating system. MacOS doesn't even have real containerization and apple has not signaled moving in that direction. (not even going to bother to take windows seriously.) jails in FreeBSD work in a completely different way from cgroups. Our phones should effectively be containerizing apps so we can e.g. control who is allowed to contact the internet, but no such functionality is offered to the user. Apps instead are simply not allowed to look at each other, but they can contact whoever they want. (Maybe a rooted android has slightly better feature set in this regard, but that sounds miserable to me to have to figure out.)
For writing services, yes, they're quite useful. We've only tapped a tiny part of the potential though. These could be easily repurposed to allow the end-user who uses graphical interfaces to lock down their computer.
From a consumer/user perspective almost none of the benefit of containers is available to the end-user. Features sets vary wildly by operating system. MacOS doesn't even have real containerization and apple has not signaled moving in that direction. (not even going to bother to take windows seriously.) jails in FreeBSD work in a completely different way from cgroups. Our phones should effectively be containerizing apps so we can e.g. control who is allowed to contact the internet, but no such functionality is offered to the user. Apps instead are simply not allowed to look at each other, but they can contact whoever they want. (Maybe a rooted android has slightly better feature set in this regard, but that sounds miserable to me to have to figure out.)
For writing services, yes, they're quite useful. We've only tapped a tiny part of the potential though. These could be easily repurposed to allow the end-user who uses graphical interfaces to lock down their computer.