What does docker container provide
- Every application needs
- a process to execute as this allocates CPU and RAM
- a network interface for accessing the application
- a storage space or mounts which will have os and other necessary contents
- As we have observed in the class all of the above were present in linux as well as windows server or vms
- Now lets login into container and explore. As we have seen container also has network interfaces, its own process treee which starts from pid1 and a filesystem from
/(root)
- As of now container is an isolated area which has its own
- process tree
- network interface
- file system
- users
How are these created
- The isolations are created with the help of namespaces
- process namespace
- mount namespace
- net namespace
- user namespace
- The limitations or restrictions on isolated areas can be acheived using control groups
- Initially docker used lxc (linux containers) to create containers. LXC are part of linux kernel releases
- Docker has created a component which is called as libcontainer, which is a low level component to create containers using namespaces and cgroups.
- Refer Here this article
