Here's a preview from my zine, How Containers Work!! If you want to see more comics like this, sign up for my saturday comics newsletter or browse more comics!
get the zine!
read the transcript!
inside a container, things look different2`
Illustration of a smiling stick figure with curly hair.
Person: I only see 4 processes in ps aux, that’s weird…
why things look different: namespaces
Illustration of a container, represented by a box with a smiley face
Container: I’m in a different PID namespace so ps aux shows different processes!
every process has 7 namespaces
$ lsns -p 273
NS TYPE
4026531835 cgroup
4026531836 pid
4026531837 user
4026531838 uts
4026531839 ipc
4026531840 mnt
4026532009 net
-p is the PID
4026532009 is the namespace ID
you can also see a process’s namespace with:
$ ls -1 /proc/273/ns
there’s a default (“host” namespace)
Person: “outside a container” just means “using the default namespace”
processes can have any combination
Container: I’m using the host network namespace but my own mount container namespace!