Security Stuff
  • About
  • HackTheBox
    • Windows
      • Forest
      • Escape
      • Timelapse
      • Support
    • Linux
      • TwoMillion
      • Soccer
      • Pollution
      • Pilgrimage
      • Sandworm
  • Windows
    • Authentication
      • Overview
      • Logon
      • Kerberos
      • Credential
    • Active Directory
      • Domain Service
        • LDAP
        • AD Objects
      • Key Distribution Center
      • Certificate Service
    • Windows Protocols
      • SMB
    • Windows Server
      • MSSQL
    • Execution
      • Windows APIs
      • Remote Access
        • WinRM
    • Credential Access
      • Kerberos Ticket
        • Kerberoasting Attack
        • Golden/Silver Ticket Attack
        • AS-REP Roasting Attack
      • OS Credential Dumping
        • DCsync Attack
      • Certified Pre-Owned
  • Linux
    • Management
      • Package
    • Process
      • Namespace
      • Terminal
  • Web
    • Authentication
      • SAML
      • OAuth
    • Enumeration
  • Defense
    • Windows
      • Windows Event Logs
  • Development
    • Programming Language
    • Database
      • MySQL
    • Virtualization
      • Container
    • Cryptography
      • GnuPG
Powered by GitBook
On this page
  • Overview
  • Docker
  • History
  • Overlay Filesystems
  • Networking
  1. Development
  2. Virtualization

Container

PreviousVirtualizationNextCryptography

Last updated 1 year ago

Overview

A restricted runtime environment for a set of processes as a lighter-weight alternative, called operating system level virtualization, to the virtual machine for the services isolation purpose.

It's possible to create containers manually, although tools, like docker and LXC, exist for tasks of creating and managing containers effectively.

Docker

History

The first versions of Docker were built on LXC.

Overlay Filesystems

The Linux kernel module OverlayFS layers two directories on a single Linux host and presents them as a single directory.

In rootless mode, Podman uses the FUSE version of the overlay filesystem.

Networking

Docker first creates a new network interface (usually docker0) on the host.

When a container is created, Docker will create a virtual interface, as a link between two network interfaces one of which lies in the new namespace, on the host.

Use the OverlayFS storage driverDocker Documentation
Logo