Notes on Liz Rice's talk - Building a container from scratch in Go
Namespaces
What you can see
- UNIX Timesharing System
- Process IDs
- File system (mount points)
- Users
- IPC
- Networking
Control groups
What you can see
- CPU
- Memory
- Disk I/O
- Network
- Device permissions (/dev)