Chapter 3. Containers are Linux


This chapter covers

  • How OpenShift, Kubernetes, and docker work together
  • How containers isolate processes with namespaces

In the previous chapter, you deployed your first applications in OpenShift. In this chapter, we’ll look deeper into your OpenShift cluster and investigate how these containers isolate their processes on the application node.

Knowledge of how containers work in a platform like OpenShift is some of the most powerful information in IT right now. This fundamental understanding of how a container actually works as part of a Linux server informs how systems are designed and how issues are analyzed when they inevitably occur.

This is a challenging chapter—not because you’ll be editing a lot of configurations and making complex changes, but because we’re talking about the fundamental layers of abstraction that make a container a container. Let’s get started by attempting to define exactly what a container is.

3.1. Defining containers

You can find five different container experts and ask them to define what a container is, and you’re likely to get five different answers. The following are some of our personal favorites, all of which are correct from a certain perspective:

  • A transportable unit to move applications around. This is a typical developer’s answer.
  • A fancy Linux process (one of our personal favorites).
  • A more effective way to isolate processes on a Linux system. This is a more operations-centered answer.

3.2. How OpenShift components work together

3.3. Application isolation with kernel namespaces

3.4. Summary