Kubernetes-in-Docker

Deploy K8s inside Docker containers, with simple Docker run commands, simple container images, and strong isolation (Linux user namespace). You have full control of the K8s cluster config. This is very useful for development, testing, and CI/CD. 

Lightweight VM

Use containers as lightweight VMs. For example, a container image can include systemd, ssh, a Docker daemon, preloaded inner container images, etc. You have full control of the container image and Sysbox ensures strong 

isolation between the container and the host.

Docker-in-Docker

Run Docker-in-Docker seamlessly, with simple container images and strong isolation (no privileged containers). You can easily preload inner Docker images using a Dockerfile or Docker commit. This is useful for Docker sandboxing, testing, and CI/CD. 

Legacy Apps 

Legacy apps built to operate in VMs may be lift-and-shifted into VM-like containers, enabling them to operate within cloud-native frameworks.

Increased Agility

Use fast & efficient containers instead of slower & heavier VMs. Move them across clouds, in seconds.

Reduced Costs

Avoid the need to spawn costly VMs. For example, you can deploy a K8s cluster for testing within a single cloud VM, instead of paying for several VMs.

Security

Avoid the use of very unsecure privileged containers to run Docker-in-Docker or Kubernetes-in-Docker. Sysbox enables these using strong isolation (Linux user namespace).

Simplicity

Avoid the need for complex Docker images, custom entrypoints, host volume mounts, etc., to run Docker or Kubernetes inside containers. Sysbox reduces this to simple Docker run commands with simple images.