Containerization — Under the hood
A slideshow explaining the internals of containers including LXC, cgroups, namespaces and copy-on-write file systems
Oct 30, 2020
This is a slide show I created sometime back explaining the internals of containerization (or docker containers as we know it). It discuss the internals of containers including:
- LXC (Linux Containers) — Namespaces and cgroups (control groups)
- copy-on-write file system — AuFS (Advanced Multi-Layered Unification File system)
Processes executing in a Docker container are isolated from processes running on the host OS or in other Docker containers.
— Nevertheless, all processes are executing in the same kernel
— Containers sandbox processes from each other
Additionally, I discuss about the performance of docker containers and how it compares with the performance of VMs.