Life of a Container
What if I told you that there is no such thing as a container? Surprised? The first time I heard this I was taken aback as well. And when I started digging into the internals I found out that containers are nothing but a nicer UX for Linux namespaces and cgroups. If I wanted to run three instances of a web server serving traffic on port 80, do I need three separate machines? If you’re thinking yes, as no two processes can listen on the same port simultaneously, then the correct answer is no. Network namespaces make it possible to run them all under the same machine. And each of them can listen on the machine’s public network interface.
In this talk you will find out what constitutes a container. The system calls invoked when a container is started, the resources used and their relation to the host OS and finally the teardown process when a container is deleted.