A method in one embodiment comprises implementing a kernel-based isolation layer, configuring a software container on the kernel-based isolation layer to include a dedicated operating system kernel as a library operating system, and executing one or more user processes in the software container. The method is performed by a cloud-based processing platform, an enterprise processing platform, or other type of processing platform comprising a plurality of processing devices, with each such processing device comprising a processor coupled to a memory. The library operating system illustratively runs in the software container at a privilege level that is the same as a privilege level of the one or more user processes executing in the software container. The library operating system is illustratively configured to support automatic translation of binaries of the one or more user processes in conjunction with converting system calls into corresponding function calls.