A handy way to try weird things in docker is using play-with-docker. You get a four hour session for free, after four hours everything will be deleted, but you can start a new session.
Installing on Ubuntu.
wget -qO- https://get.docker.com/ | sh
In order to run docker commands without using sudo you need to add docker to your group.
sudo usermod -aG docker ubuntu
Container - Isolated area of an OS with resource usage limits applied.
Namespaces and Control Groups are hard, which is why containers were unusable by mortals before docker.
Each container looks and feels like a regular OS. It has its own eth0, users, kernel. These are completely isolated from every other container running on the system.
Namespaces are analogous to what Hypervisors do on hardware.
- Process ID (pid)
- Network (net)
- Filesystem/mount (mnt)
- Inter-proc comms (ipc)
- UTS (uts)
- User (usr)
Resource usage limits