The Linux kernel is made up of several components and functionalities; the ones related to containers are as follows:
- Control groups (cgroups)
- Namespaces
- Security-Enhanced Linux (SELinux)
The Linux kernel is made up of several components and functionalities; the ones related to containers are as follows:
The cgroup functionality allows for limiting and prioritizing resources, such as CPUs, RAM, the network, the filesystem, and so on. The main goal is to not exceed the resources—to avoid wasting resources that might be needed for other processes.
The namespace functionality allows for partitioning of kernel resources, such that one set of processes...