docker_revisited.txt

Important Link (Data Extracted from this Links)
------------------------------------------------
https://stackoverflow.com/questions/34820558/difference-between-cgroups-and-namespaces

Content ( cgroups & namespaces )
---------------------------------

The proper links for those two notions have been fixed in PR 14307:
    Under the hood, Docker is built on the following components:
    The cgroups and namespaces capabilities of the Linux kernel
With:
    cgroup: Control Groups provide a mechanism for aggregating/partitioning sets of tasks, and all their future children, into hierarchical groups with specialized behaviour.
    namespace: wraps a global system resource in an abstraction that makes it appear to the processes within the namespace that they have their own isolated instance of the global resource.

In short:

    Cgroups = limits how much you can use;
    namespaces = limits what you can see (and therefore use)

See more at "Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic" by Jérôme Petazzoni.

Cgroups involve resource metering and limiting:

    memory
    CPU
    block I/O
    network

Namespaces provide processes with their own view of the system

Multiple namespaces:

    pid
    net
    mnt
    uts
    ipc
    user: userns it is graduating from experimental in docker 1.10
    (per-daemon-instance remapping of container root to an unprivileged user is in progress: PR 12648: see its design)


Difference Between & Undersatnding of chroot, namespaces & cgroups
-------------------------------------------------------------------
https://itnext.io/chroot-cgroups-and-namespaces-an-overview-37124d995e3d