A namespace wraps a global system resource in an abstraction that makes it appear to the processes within the namespace that they have their own isolated instance of the global resource. Changes to the global resource are visible to other processes that are members of the namespace, but are invisible to other processes. One use of namespaces is to implement containers.

My own go-to guide for learning and re-learning containers and orchestrators.

Containers

Containers are everywhere, and for a good reason. There is extensive bibliography and documentation around the benefits and nuisances of using containers in your infrastructure. They are by no means a novel technology (brief history). We can say today with confidence it is a (the?) standard in the industry. In my opinion it will be for quite a long time, even in indirect ways. I base this conclusion in the fact that they are much more present than we are generally aware. Even ‘server-less’ tools (such CICD runners and cloud functions, between others) use variants of containers technologies to provide us with compute capabilities and allow us to run container images.

I may in the future write specific content about containers in this blog, but for now I would like to share my collection of resources & links for learning and diving deep into the containers world. They are write-ups, videos, tutorials and documentation from various authors and sources that I consider worth exploring.

Some posts and talks date from a few years back, but the underlying core concepts and visions are still both valid and relevant. Please consider this context when going through the content. In my view, it is much more relevant to focus on understanding the foundations rather than focusing on trends that may constantly change. Understanding the basis allows us to later transfer the knowledge and skills to other domains. I am also including content and learning paths for Amazon ECS and Amazon EKS.

I will try to keep this list updated and add new material eventually. That’s all for today!

P.

Resources

Containers & runtimes

• A Brief History of Containers (by Jeff Victor & Kir Kolyshkin)
• Linux Container Primitives (LinuxFest Northwest 2019)
• Container runtimes - excellent series by @IanMLewis
  • Part 1: An Introduction to Container Runtimes
  • Part 2: Anatomy of a Low-Level Container Runtime
  • Part 3: High-Level Runtimes
  • Part 4: Kubernetes Container Runtimes & CRI
• Building a container from scratch in Go - @LizRice
• SELinux, Seccomp, Sysdig Falco, and you: A technical discussion
• Are My Containers Secure Yet?! - by Phil Estes

Dive deep into Docker

• Best practices for writing Dockerfiles | Docker Documentation
• Use multi-stage builds | Docker Documentation
• About storage drivers | Docker Documentation
• Docker storage drivers | Docker Documentation
• Deep dive into Docker storage drivers - YouTube
• Use volumes | Docker Documentation
• Copy-on-write | How it works?
• Course | Docker Mastery: with Kubernetes + Swarm from a Docker Captain

Amazon ECS info & blogs

• Blog | Building Blocks of Amazon ECS
• Blog | Amazon ECS Task Placement
• Blog | Under the Hood: Task Networking for Amazon ECS
• Blog | Task Networking in AWS Fargate
• Blog | Deep Dive on Amazon ECS Cluster Auto Scaling
• Blog | Under the hood: AWS Fargate data plane
• Blog | Monitoring the Amazon ECS Agent
• Blog | Choosing container logging options to avoid backpressure
• Blog | Amazon ECS and Docker volume drivers - Amazon EBS
• Blog | Graceful shutdowns with ECS
• Blog | How to create a custom scheduler for Amazon ECS
• Video | AWS re:Invent 2019: [NEW LAUNCH] Capacity Providers
• Project | Amazon ECS CNI Plugins
• Samples | Amazon ECS FireLens Examples
• Samples | ECS reverse proxy
• Workshops | AWS Workshops for ECS by @AWS

Kubernetes & Amazon EKS

• Blog | What are Kubernetes Pods Anyway? by @IanMLewis
• Course | Certified Kubernetes Administrator (CKA) with Practice Tests
• Workshops | AWS Workshops for K8s by @AWS