In a recent system configuration, I found myself digging into using cgroups to reserve resources for some critical system daemons. As I was digging in I discovered that cgroups (Control Groups) were one of the core concepts used in Docker (and thus Kubernetes) for managing Memory & CPU allocation.
I put together this little one-page explainer showing briefly how cgroups and namespaces work together to make the foundation of containers. Enjoy!
Additional Resources
Curious and want to dive deeper into the inner workings of Docker? Here are some resources that I have found helpful when getting started.
- This post from Julia Evans's excellent blog
- Linux man pages on namespaces and cgroups
- Docker's documentation on its underlying technology