ACG Containers Flashcards
What is a Linux namespace?
Linux Namespace
A network namespace is a logical copy of the network stack from the host system. Network namespaces are useful for setting up containers or virtual environments. Each namespace has its own IP addresses, network interfaces, routing tables, and so forth.
What is ‘user’ namespace?
Linux Namespace
The user namespace is a key security feature; as each namespace can be given its own distinct set of UIDs and GUIDs.
- A user namespace can be nested up to 32 times (nested virtualization)
What is an ‘IPC’ namespace?
Linux Namespace
IPC stands for Inter-Process Communications. This namespace isolates systems resources from a process, while giving processes created in an IPC namespace visibility to each other allowing for inter-process communication.
What is the ‘UTS’ namespace?
Linux Namespace
The UTS namespace allows a single system to appear to have a different host and domain names to different process
What is a ‘mount’ namespace?
Linux Namespace
The mount namespace controls the mountpoints that are visible to each container
What is a ‘PID’ namespace?
Linux Namespace
The PID namespace provides processes w/ an independent set of process IDs (PIDs).
What is the ‘network’ namespace?
Linux Namespace
The network namespace virtualizes the network stack
How many Linux namespaces are there?
Linux Namespace
6 - user, IPC, UTS, mount, PID, network
7th - cgroups (containers)
What OS was the 1st to adopt the chroot command?
a. Redhat
b. Ubuntu
c. Unix 7
d. Kubernetes
c. Unix 7
The chroot system call was introduced during the development of Version 7 Unix in 1979.
Bill Cheswick helped develop what technology?
a. Docker
b. Kubernetes
c. chrooted jail
d. Mesos
c. chrooted jail
An early use of the term ‘jail’ as applied to chroot comes from Bill Cheswick creating a honeypot to monitor a cracker in 1991.
Process containers were later renamed? (choose 2)
a. LXC
b. control group
c. Linux Containers
d. cgroups
b. control groups
c. cgroups
To avoid any confusion with the usage of the term containers process containers were renamed Control groups or Cgroups
What is the name of the container orchestration system Google open sourced and that later became known as Kubernetes?
a. Borg
b. Swarm
c. Pod
d. Minion
a. Borg
Google’s Borg system is a cluster manager that runs hundreds of thousands of jobs, from many thousands of different applications, across a number of clusters each with up to tens of thousands of machines
What was the original project name for Kubernetes?
a. Nexus
b. Dotcloud
c. Project Seven of Nine
d. Pinehead TV
c. Project Seven of Nine
The original codename of Kubernetes within Google was “Project Seven of Nine”, a reference to the Star Trek character “Seven of Nine”.
What does a control group do?
a. Control groups help you orchestrate the deployment of your containers
b. Control groups help you better add and remove systems users
c. Cgroups allow you to allocate resources among groups of processes running on a system
d. Control groups help ensure high availability of services through replication.
c. Cgroups allow you to allocate resources among groups of processes running on a system
What Docker technology allows containers to run in a computer cluster?
a. Docker Swarm
b. Solaris
c. EC2 instance
d. Kubernetes
a. Docker Swarm
Docker Swam provides cluster management and orchestration functionality, allowing containers to be run in a cluster of machines.
