[Beowulf] Docker vs KVM paper by IBM

[Jason Riedy]

And Andrew Holway writes:
> The most interesting subject around docker is security and the fact
> that it provides pretty much null actual "containerisation"

I know I'm more interested in it for "packageization:" Provide
and support a very low-level, bare OS, then let different apps
build an environment on top of it.  That eases partitioning
support work between the stack of app libraries and lower-level
interfaces.

On a cluster, it'll likely be one Docker thingy (or maybe
Rocker...) running on multiple, whole nodes.  I'm not worried
about isolation between containers on one machine.  These
containers will have direct access to GPUs, IB, etc.  Now there
may be some nifty things you can do for playing with a virtual
ethernet at L2 that lets containers have access they otherwise
wouldn't, but that's more for research...