Krishnamohan Yerrabilli ☸️

14-03-2023

03:34

Linux namespaces are an important feature that helps to create separate environments in which programs can run independently. This is crucial in modern, container-based systems where multiple programs must run on the same server without interfering with each other. 🧵👇

Technologies like Docker and Kubernetes depend on the Linux kernel to make this work. What we call a container is really a collection of Linux features called namespaces. Let's see what those are.

IPC Namespace: Provides a container with its own set of System V IPC objects, such as message queues, shared memory segments, and semaphores. System V IPC objects were originally developed in the Unix System V operating system; these mechanisms were later adopted by Linux.

Network Namespace: Provides a container with its own network stack, which includes network interfaces, routing tables, and firewall rules. This helps in isolating the container's network traffic from the host system and other containers.

Mount Namespace: Provides a container with its own filesystem view. This means that a container can have its own set of mounted filesystems. Changes made to the mounted filesystems inside the container will not affect the host system.

UTS Namespace: The Unix Time-Sharing namespace allows a container to have its own hostname and domain name. This helps in identifying the container and avoids conflicts with the host system.

UID Namespace: Provides a container with its own set of user and group IDs, which helps in isolating users and groups within the container from the host system. It also helps in avoiding conflicts with user and group IDs on the host system.

PID Namespace: Each process in Linux is assigned a unique Process ID (PID) number. A PID namespace gives the processes in a container their own range of PIDs, which helps isolate processes within the container and prevents them from interfering with processes outside of the container.

Process isolation: This is a broader concept, typically achieved through the use of various techniques such as namespace isolation, cgroups, and seccomp filters. I'll explain cgroups and seccomp features in another thread.

High-level View: By isolating different resources and aspects of the system, containers can provide security. Using all of this provides a consistent runtime environment for applications, which run without interfering with each other or the host system.
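An added example, not part of the original thread: one way to check which of the namespaces listed above a process actually has to itself is to compare the namespace links the kernel exposes under /proc/<pid>/ns, since two processes share a namespace when the inode in the link target is the same. The sample link targets are constructed, and the function names are this example's own.

```python
import os
import re

# Entry names under /proc/<pid>/ns; "user" is what the thread calls the UID namespace.
NS_TYPES = ("ipc", "net", "mnt", "uts", "user", "pid")
_LINK = re.compile(r"^([a-z_]+):\[(\d+)\]$")

def parse_ns_link(target):
    """Parse a /proc/<pid>/ns/* symlink target such as 'net:[4026531840]'."""
    match = _LINK.match(target)
    if match is None:
        raise ValueError(f"not a namespace link: {target!r}")
    return match.group(1), int(match.group(2))

def read_namespaces(pid):
    """Return {type: inode} for a live process; needs permission to read its /proc entry."""
    return dict(parse_ns_link(os.readlink(f"/proc/{pid}/ns/{ns}")) for ns in NS_TYPES)

def shared_with(reference, target):
    """Namespace types in which target is NOT isolated from reference (same inode)."""
    return sorted(ns for ns in NS_TYPES
                  if ns in reference and reference[ns] == target.get(ns))

# Constructed sample: link targets for a host process and a containerized process.
HOST = dict(map(parse_ns_link, [
    "ipc:[4026531839]", "net:[4026531840]", "mnt:[4026531841]",
    "uts:[4026531838]", "user:[4026531837]", "pid:[4026531836]"]))
# Constructed sample: this container was started on the host's network stack and
# without user ID remapping, so its net and user inodes equal the host's.
CONTAINER = dict(map(parse_ns_link, [
    "ipc:[4026532512]", "net:[4026531840]", "mnt:[4026532510]",
    "uts:[4026532511]", "user:[4026531837]", "pid:[4026532513]"]))

if __name__ == "__main__":
    print("sample container shares with host:", shared_with(HOST, CONTAINER))
    try:  # live check: this process against PID 1 (usually requires root)
        print("shared with PID 1:",
              shared_with(read_namespaces(1), read_namespaces("self")))
    except OSError as exc:
        print("live check skipped:", exc)
```

Any namespace type reported as shared is one where the container sees the same resources as the host, so the isolation described for that namespace does not apply to it.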

My mission is to guide people who want to get into DevOps, from basics to advanced!! If you had a good time reading this, please retweet the first tweet to help others as well. See you with another one soon. Have a wonderful day!!
