Virtualization is a technique which allows, inter alia, for running one or more isolated user-space instances, called virtual containers, on a host computing system. A particular host computing system can run multiple virtual containers, and the virtual containers are managed by a host container. Each virtual container is provided access to a share of computing resources, including processor cycles, memory, and the like, to emulate a particular set of hardware running a particular operating system (OS) and being configured to execute a particular set of software. To segregate virtual containers, each is provided with a respective namespace.
During use, the host container is transparent to the user of the virtual container, and the virtual container may be used to run any suitable number of applications. In certain instances, one or more applications running within the virtual container request access to one or more device-based resources through the OS of the virtual container. For example, a web-based application requests access to an internet connection as provided by a WiFi or Ethernet device. Although an OS of a standalone computer (i.e., non-virtualized) may interact directly with various hardware components, for example through drivers in the kernel, a virtual container is typically provided with an interface, for example a hypervisor, through which the OS of the virtual container may access certain hardware elements.
However, an OS of a virtual container can only access a device-based resource if the device is visible to the operating system. Some device-based resources, for example wireless adapters, are not configured to be visible across multiple namespaces. Thus, in typical virtualization scenarios, only an active virtual container can access such device-based resources. Additionally, a host computing device typically has only a single one of each device. If a particular host computing system runs two virtual containers, only the active virtual container can access device-based resources, and an inactive virtual container is precluded from accessing device-based resources until it is made the active virtual container. Thus, only the OS of the active virtual container can access a WiFi adapter or other networking device, and any application running in the inactive virtual container is prevented from accessing network resources provided by the WiFi adapter.
As such, there is a need for providing access to device-based resources to all virtual containers running on a host computing system.