Using Linux Primitives to Build Your Own Containers

Explore the inner workings of container technology in this comprehensive tutorial led by Stéphane Graber and Christian Brauner from Canonical Ltd. Dive deep into the kernel features that power popular container tools like Docker, LXC, and LXD. Create a container from scratch, step-by-step, to gain a thorough understanding of the underlying mechanisms. Examine various namespaces and their functions, learn how to set up a suitable filesystem, integrate with a Linux Security Module (LSM), implement privilege and capability dropping, and apply restrictions using cgroups. Through hands-on demonstrations, grasp the capabilities and limitations of containers at each stage of development. Gain valuable insights into the intricate components that come together to form a container, enhancing your knowledge of Linux primitives and container architecture.