Colony vs Docker for Dev Environments
Why Colony uses Linux network namespaces instead of Docker containers for AI agent isolation. A technical comparison.
Colony deliberately chose Linux network namespaces over Docker containers for agent isolation. Here’s why.
The Problem with Containers
Docker was designed for application deployment, not for running dozens of parallel development environments. When you use containers for AI agent isolation:
| Metric | Docker Container | Colony (Namespaces) |
|---|---|---|
| Memory overhead | 200+ MB per container | 0 MB |
| Startup time | 2-30 seconds | < 50ms |
| Filesystem | Copy or overlay mount | Native (shared) |
| Networking | Virtual bridge + NAT | Namespace isolation |
| Max parallel instances | Limited by memory | Limited by CPU only |
How Colony Works
Instead of spinning up a full container runtime, Colony creates a Linux network namespace for each agent. This is the same kernel primitive that Docker uses internally — but without the container overhead.
Each colony gets:
- Isolated network stack — its own IP address, routing table, and firewall rules
- Shared filesystem — native speed, no copy-on-write overhead
- Dedicated VCS workspace — Jujutsu creates a lightweight workspace per agent
- Independent database — SQLite per colony, no shared state
When Docker Still Makes Sense
Docker is the right choice when you need:
- OS-level isolation (different distros, kernel versions)
- Reproducible production images (Dockerfile as spec)
- Cross-platform compatibility (macOS, Windows via VM)
Colony’s namespaces currently require Linux. For development on macOS, Colony runs inside a lightweight Linux VM.
The Numbers
On a 16-core machine with 32GB RAM:
- Docker: ~30 concurrent containers before memory pressure
- Colony: 100+ concurrent agents with negligible memory impact
The difference compounds. If each agent session runs for 30 minutes, Colony can process 3x more tasks in the same time just from faster startup and lower overhead.
Summary
Colony uses the kernel’s own isolation primitives to give each AI agent its own environment — without the weight of containers. The result is instant startup, zero memory overhead, and the ability to run as many parallel agents as your CPU can handle.