Hacker News
by otterley 1678 days ago
I would go even further - containers are process trees. They just happen to be process trees with the following attributes: (a) they (usually) have separate namespaces (network/pid/uts/cgroups/mount); (b) they (usually) have dropped capabilities; and (c) they (usually) are in cgroups that have resource reservations and/or limits.

Under the hood, that's all containers are!
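
The three attributes named in the comment above can be read straight from `/proc`. The following is an added example, not part of the original comment: it compares a process against a reference process by capability mask, namespace identifiers, and cgroup path. The sample status, namespace, and cgroup values are constructed for illustration, and `CAP_BITS` covers only a subset of capabilities.

```python
import os

# Subset of capability bit numbers from include/uapi/linux/capability.h.
CAP_BITS = {0: "CAP_CHOWN", 12: "CAP_NET_ADMIN", 13: "CAP_NET_RAW",
            16: "CAP_SYS_MODULE", 19: "CAP_SYS_PTRACE", 21: "CAP_SYS_ADMIN"}

def effective_caps(status_text):
    """Return the CapEff bitmask from the text of /proc/<pid>/status."""
    for line in status_text.splitlines():
        if line.startswith("CapEff:"):
            return int(line.split()[1], 16)
    raise ValueError("no CapEff line found")

def dropped_caps(ref_mask, proc_mask):
    """Names (from CAP_BITS) set in the reference mask but cleared in the process mask."""
    return sorted(name for bit, name in CAP_BITS.items()
                  if (ref_mask >> bit) & 1 and not (proc_mask >> bit) & 1)

def differing_namespaces(ref_ns, proc_ns):
    """Namespace types whose identifier, e.g. 'net:[4026531840]', differs."""
    return sorted(k for k in proc_ns if k in ref_ns and ref_ns[k] != proc_ns[k])

def cgroup_paths(cgroup_text):
    """Parse /proc/<pid>/cgroup ('id:controllers:path'); cgroup v2 has no controllers."""
    paths = {}
    for line in filter(None, map(str.strip, cgroup_text.splitlines())):
        _, controllers, path = line.split(":", 2)
        paths[controllers or "unified"] = path
    return paths

def read_ns(pid):
    """Read live namespace identifiers from /proc/<pid>/ns (Linux only)."""
    base = f"/proc/{pid}/ns"
    return {name: os.readlink(f"{base}/{name}") for name in os.listdir(base)}

# Constructed sample data: a host shell versus a process in a container.
HOST_STATUS = "Name:\tbash\nCapEff:\t000001ffffffffff\n"
CTR_STATUS = "Name:\tnginx\nCapEff:\t00000000a80425fb\n"
HOST_NS = {"net": "net:[4026531840]", "pid": "pid:[4026531836]", "user": "user:[4026531837]"}
CTR_NS = {"net": "net:[4026532412]", "pid": "pid:[4026532410]", "user": "user:[4026531837]"}
CTR_CGROUP = "0::/system.slice/example-container.scope\n"

if __name__ == "__main__":
    print("dropped caps:", dropped_caps(effective_caps(HOST_STATUS), effective_caps(CTR_STATUS)))
    print("new namespaces:", differing_namespaces(HOST_NS, CTR_NS))
    print("cgroups:", cgroup_paths(CTR_CGROUP))
```

On a live Linux host, `read_ns(pid)` and the contents of `/proc/<pid>/status` and `/proc/<pid>/cgroup` can be passed to the same functions; reading another user's process typically requires root.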