Explains the nuanced differences between privileged pods and host namespace sharing in Kubernetes, clarifying common misconceptions.
A technical guide for debugging in Kubernetes by identifying which pod created a specific process using the nsenter command.
Explains how Docker and Kubernetes use Linux network namespaces and virtual interfaces to create unique IP addresses for containers and pods.
A technical exploration of container runtimes, orchestration, and the underlying Linux primitives, from low-level OCI specs to practical implementation.
Explains the core functions of low-level container runtimes, focusing on Linux namespaces and cgroups for container isolation and resource management.
A technical comparison of container technologies (Linux containers, Solaris Zones, BSD Jails) versus VMs, focusing on design philosophy and flexibility.
A technical guide explaining how to attach a new volume to a running Docker container using nsenter and bind mounts.
A guide to building Debian packages using Linux namespaces and a custom container tool called pflask, offering an alternative to pbuilder.
