This course provides a detailed examination of container architecture from the Linux kernel to Kubernetes, including security & resource controls, kernel structures, and low-level storage & network function. This lab provides hands-on training, concepts, and demonstrations, with an emphasis on realistic deployment and troubleshooting exercises.
Topics include security (sVirt, SELinux, SECCOMP), isolation (kernel namespaces, cgroups), and data structures (Kubernetes/Linux). Together, these topics provide an architectural-level understanding of the complete container stack, from the Linux kernel, to the container runtime (Docker, CRI-O, runc), to container orchestration (Kubernetes).
Following a logical path from container host & image, to container runtime, to orchestrator, we will answer questions like: How do sVirt/SELinux, SECCOMP, namespaces, and isolation really work? How does the Docker Daemon work? How does Kubernetes talk to the Docker Daemon? How are container images made?
You'll walk away from this lab with the knowledge and confidence it takes to apply your current technical & architectural knowledge to containers.