Docker — Linux security technologies (Namespaces)

Fsegredo
4 min read · Aug 15, 2023

In this article, we will discuss some of the Linux security technologies used by Docker.

TL;DR

  • Namespaces allow us to run multiple containers that use the same port on a single operating system (network namespace)
  • They make it possible to run multiple applications, each with a different filesystem (mount namespace)
  • They allow a single system to appear to have different hostnames to different processes (UTS namespace)

When we first started using Docker, we were so excited about how easy it was to make containers that we didn’t really know what was going on behind the scenes.

Namespaces

Kernel namespaces provide process isolation and resource sharing within a Linux system. Multiple processes can coexist on the same system while each has its own isolated view of system resources such as file systems, network interfaces, and process IDs. Namespaces allow containers to run independently of each other and of the host system, which prevents conflicts and resource contention.
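
The kernel exposes each process's namespaces as symlinks under `/proc/<pid>/ns/`, and two processes are in the same namespace exactly when the link targets carry the same inode number. The following is an added example, not code from the original article, that uses this to check which namespaces a container process still shares with the host; the function names and the sample link values are constructed for illustration.

```python
import os
import re

# Targets of /proc/<pid>/ns/* symlinks look like "net:[4026531840]".
NS_LINK = re.compile(r"^[a-z_]+:\[(\d+)\]$")

# Constructed sample data (not captured from a real host).
HOST = {"net": "net:[4026531840]", "mnt": "mnt:[4026531841]",
        "uts": "uts:[4026531838]", "pid": "pid:[4026531836]"}
ISOLATED = {"net": "net:[4026532270]", "mnt": "mnt:[4026532265]",
            "uts": "uts:[4026532266]", "pid": "pid:[4026532268]"}
HOST_NET = dict(ISOLATED, net="net:[4026531840]")  # shares the host's network namespace


def parse_ns_links(links):
    """Return {namespace name: inode number}, skipping malformed targets."""
    parsed = {}
    for name, target in links.items():
        match = NS_LINK.match(target)
        if match:
            parsed[name] = int(match.group(1))
    return parsed


def read_ns_links(pid="self"):
    """Read the live namespace links of a process (Linux only)."""
    base = f"/proc/{pid}/ns"
    return {name: os.readlink(os.path.join(base, name)) for name in os.listdir(base)}


def shared_namespaces(a, b, kinds=("net", "mnt", "uts", "pid")):
    """List the namespace kinds in which both processes have the same inode."""
    pa, pb = parse_ns_links(a), parse_ns_links(b)
    return sorted(k for k in kinds if k in pa and pa.get(k) == pb.get(k))


if __name__ == "__main__":
    print("isolated container shares:", shared_namespaces(HOST, ISOLATED))
    print("host-network container shares:", shared_namespaces(HOST, HOST_NET))
    if os.path.isdir("/proc/self/ns"):
        print("this process vs itself:", shared_namespaces(read_ns_links(), read_ns_links()))
```

A non-empty result for a container process means that part of the host's view is not isolated from it, which is worth reviewing when auditing how containers were started.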
