Correct, you grok it! Only Solaris and illumos kernels have true containers (resource limits) optionally applied to zones (virtualized OS instances providing full blown UNIX servers) running at bare metal speed as a bunch of processes in the global zone. FreeBSD jails come close (they were the inspiration for zones), but are more akin to chrooted jails than containers. Nowadays they are conceptually more like zones than they were in the beginning.