Containers From Scratch • Liz Rice • GOTO 2018 - https://www.youtube.com/watch?v=8fi7uSYlOdc
Namespaces - Control what you can see
- What you can see
- Created with syscalls (the below list depends on particular version of your linux kernel)
- Unix Timesharing system
- Process IDs
- Mounts
- Network
- User IDs
- InterProcess Comms
This is a big part of what makes a container - a Container. It's restricting the view of what the process have / has about the things that are going on in that machine.
Control Group: Control what you can use
IBM - VM vs Containers - https://www.youtube.com/watch?v=cjXI-yxqGTI