Description
Containers are ordinary Linux processes that are started with a different set of kernel primitives, primarily namespaces, cgroups, and filesystem isolation. This talk presents a kernel-first mental model of containers, focusing on what actually happens when a container starts, rather than how container tools abstract it.
In this 20-minute session, we will walk through how the Linux kernel enables containers by:
- Creating isolated views of the system using namespaces (PID and mount)
- Exposing reality through /proc
- Safely changing the root filesystem using pivot_root
- pivot_root v/s chroot
- Limiting resource usage with cgroups
The goal of this talk is not to deep-dive into Docker or Kubernetes internals, but to demystify containers by understanding the exact Linux mechanisms they rely on. By the end of the session, attendees should be able to reason about containers as constrained processes rather than opaque runtime objects.
This talk is aimed at Linux users and engineers who run containers regularly and want a clearer understanding of the kernel primitives underneath; no kernel hacking experience required.
Talk Duration
20 minutes
Audience Level
Beginner to Intermediate
(Linux users, DevOps engineers, students)
Prerequisites
Basic familiarity with Linux processes and the command line