Kubernetes What are containers
Links: 110 Kubernetes Index
What are containers¶
- The container actually hosts cgroups, namespaces & union capable file system.
- Because of these 3 a container looks and feels like an operating system.
The cgroups and namespaces capabilities of the Linux kernel.
- cgroup: Control Groups provide a mechanism for aggregating/partitioning sets of tasks, and all their future children, into hierarchical groups with specialised behaviour.
- namespace: wraps a global system resource in an abstraction that makes it appear to the processes within the namespace that they have their own isolated instance of the global resource.
cgroups = limits how much you can use; namespaces = limits what you can see (and therefore use)
- cgroups provide resource metering and limiting like memory, CPU, block I/O, network, Device node (/dev/) access control
- namespaces provides processes with their own view of the filesystem. We have multiple namespaces for pid, net, mnt, uts etc.
Last updated: 2022-09-05