Book Image

Learning Docker

By : Pethuru Raj, Jeeva S. Chelladhurai, Vinod Singh, Vinod kumar Singh, Jeeva Chelladhurai, Pethuru Raj Chelliah
Book Image

Learning Docker

By: Pethuru Raj, Jeeva S. Chelladhurai, Vinod Singh, Vinod kumar Singh, Jeeva Chelladhurai, Pethuru Raj Chelliah

Overview of this book

Table of Contents (18 chapters)
Learning Docker
Credits
About the Authors
About the Reviewers
www.PacktPub.com
Preface
Index

Process level isolation for Docker containers


In the virtualization paradigm, the hypervisor emulates computing resources and provides a virtualized environment called a VM to install the operating system and applications on top of it. Whereas, in the case of the container paradigm, a single system (bare metal or virtual machine) is effectively partitioned to run multiple services simultaneously without interfering with each other. These services must be isolated from each other in order to prevent them from stepping on each other's resources or dependency conflict (also known as dependency hell). The Docker container technology essentially achieves process-level isolation by leveraging the Linux kernel constructs, such as namespaces and cgroups, particularly, the namespaces. The Linux kernel provides the following five powerful namespace leavers to isolate the global system resources from each other. These are the Interprocess Communication (IPC) namespaces used to isolate the interprocess...