Containers

  • What is a Container?

    • Lightweight and portable.
    • OS-level virtualization (compared to VMs).
    • Runs applications and dependencies in an isolated environment.
  • Container Runtime:

    • OCI standards for container image format.
    • Examples: containerd, CRI-O, runc, Docker.
    • How Kubernetes interacts with container runtimes through the Container Runtime Interface (CRI).
  • Container Images:

    • Layers and image composition.
    • Building images using Dockerfile.
    • Storing and retrieving images from registries (Docker Hub, Artifact Registry, etc.).
  • Container Lifecycle:

    • Creation, running, stopping containers.
    • Restart policies in Kubernetes (Always, OnFailure, Never).
  • Security:

    • Image scanning and vulnerability management.
    • Running containers with least privilege (user ID and group).
    • Container isolation using namespaces and cgroups.
  • Networking:

    • Container Network Interface (CNI) plugins.
    • Port mapping and exposing services.
    • Container-to-container and container-to-host communication.
  • Storage:

    • Ephemeral storage (temporary storage for containers).
    • Persistent storage (using volumes in Kubernetes).
    • Mounting and sharing volumes between containers.