Tutorial: "Namespaces and CGroups, the basis of Linux containers" (Rami Rosen)


It is clear to everyone that containers are getting a growing part in our world. This tutorial will describe the kernel infrastructure of Linux Container projects, namely the Namespaces and CGroups subsystems, focusing on its network aspects (like Network namespaces and CGouprs networking kernel modules).

This is the suggested agenda of the talk:

  • Background: Namespaces/CGroups, the basis of containers virtualization.
  • Kernel Namespaces implementation.
  • The 6 kernel namespaces - some implementation details.
  • System calls for namespaces.
  • Namespaces usage examples, especially detailed examples of network namespaces, the ip netns command, etc.
  • CGroups kernel implementation.
  • CGroups VFS.
  • CGroups filesystem ops for handling cgroups examples.
  • The CGroups implementation.
  • 3 CGroups userspace examples
  • A very brief overview of Linux Containers projects and how they use Namespaces and CGroups.
  • Summary.

I gave this talk voluntarily three times in the past, in a LUG and in 2 meetups, and got a very good feedback from the audience. You can see the very detailed presentations here: http://haifux.org/lectures/299/.

These are links to the talks in the two meetups I mentioned earlier: