How do containers work within Linux?
Namespaces -> The kernel can isolate resources from each other.
Control Groups -> Limits the resources containers consume.
Seccomp -> Limits how containers can use certain system calls.
SELinux -> Protects container processes from each other and the host system from containers.
Containers are segregated user-space environments for running applications isolated from other applications sharing the same OS.
Image is a template from which a container is created – includes a runtime environment and all of the libraries and configuration files.
Image Repository is where images are stored for public or private use.
Red Hat Container Catalog
Red Hat Quay
Docker Hub
Podman is an open source tool for managing containers and container images and interacting with image registries/repositories.
Uses image format specified by Open Container Initiative (OCI) industry standards.
Stores images on local file system.
Follows the same commands as Docker CLI.
Compatible with Kubernetes.
Install with sudo yum install podman on RHEL systems.