Linux Namespaces

From NovaOrdis Knowledge Base

Overview

Namespaces create an abstraction of a particular global system resource, making it appear as a separate instance to the processes within a specific namespace. As a result, several containers can use the same resource simultaneously without collisions.

Namespace Types

Mount Namespaces

Mount namespaces isolate the set of filesystem mount points seen by a group of processes. Processes in different mount namespaces can have different views of the filesystem hierarchy. mount() and umount() no longer operate on a global set of mount points; instead, they affect only the mount namespace associated with the container process.

PID Namespaces

The PID namespace provides separation of processes. It hides the system's other processes from the processes inside the namespace, and allows process IDs to be reused, including PID 1.

UTS Namespaces

The UTS namespace sets the hostname and domain name visible to processes running in that namespace. Each container can have its own hostname.

IPC Namespaces

The IPC (POSIX/SysV IPC) namespace provides separation of named shared memory segments, semaphores and message queues.
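
One way to check which of the four namespace types described above two processes actually share, by comparing the /proc/<pid>/ns/ symlinks the kernel exposes (each reads like uts:[4026531838]; equal inode numbers mean the same namespace). This is an added example, not part of the original page; the function names and the sample inode numbers are constructed for illustration.

```python
import os
import re

# The four namespace types this page describes, by their /proc/<pid>/ns entry names.
NS_TYPES = ("mnt", "pid", "uts", "ipc")
LINK_RE = re.compile(r"^(?P<type>[a-z_]+):\[(?P<inode>\d+)\]$")


def parse_ns_link(target):
    """Parse a /proc/<pid>/ns/* symlink target such as 'uts:[4026531838]'."""
    m = LINK_RE.match(target)
    if m is None:
        raise ValueError(f"not a namespace link: {target!r}")
    return m.group("type"), int(m.group("inode"))


def read_namespaces(pid, proc_root="/proc"):
    """Return {type: inode} for one process; unreadable entries map to None."""
    result = {}
    for ns in NS_TYPES:
        try:
            target = os.readlink(os.path.join(proc_root, str(pid), "ns", ns))
            ns_type, inode = parse_ns_link(target)
            result[ns] = inode if ns_type == ns else None
        except (OSError, ValueError):
            result[ns] = None  # no permission, process gone, or malformed link
    return result


def compare(a, b):
    """Classify each namespace type as 'shared', 'isolated' or 'unknown'."""
    report = {}
    for ns in NS_TYPES:
        x, y = a.get(ns), b.get(ns)
        if x is None or y is None:
            report[ns] = "unknown"
        else:
            report[ns] = "shared" if x == y else "isolated"
    return report


if __name__ == "__main__":
    # Constructed sample: these inode numbers are made up for illustration.
    host = {"mnt": 4026531840, "pid": 4026531836, "uts": 4026531838, "ipc": 4026531839}
    container = {"mnt": 4026532501, "pid": 4026532504, "uts": 4026532502, "ipc": 4026531839}
    for ns, verdict in compare(host, container).items():
        print(f"{ns}: {verdict}")
```

On a live system, compare(read_namespaces(1), read_namespaces(pid)) reports which of these namespaces a process shares with PID 1; reading another user's /proc/<pid>/ns entries generally requires root, and unreadable entries are reported as "unknown" rather than guessed.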