Discovering OCI containers with Podman
A Linux container, roughly speaking, works much like virtualization, where we import a pre-built operating system image and create a virtual machine from it. A container image, however, packages only the programs and the minimal dependencies an application needs to run.
A container is a set of one or more processes that are isolated from the rest of the system.
The kernel provides the following main components:
namespaces, to ensure process isolation
cgroups, to control system resources
SELinux, to ensure separation between the host and container, as well as between containers
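The three kernel components above can be observed per process under /proc. The script below is an added example, not part of the original page: it compares the namespaces, cgroup and SELinux label of two processes; PROC_ROOT and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example: compare the kernel isolation attributes of two processes.
# PROC_ROOT is an assumption of this example (default /proc); it lets the
# functions run against a constructed directory tree as well as a live host.
PROC_ROOT="${PROC_ROOT:-/proc}"

# Print "shared", "isolated" or "unknown" for one namespace type.
# <pid>/ns/<type> is a symlink such as "pid:[4026531836]"; two processes
# are in the same namespace exactly when the link targets are identical.
ns_state() {
    a=$(readlink "$PROC_ROOT/$1/ns/$3" 2>/dev/null) || { echo unknown; return; }
    b=$(readlink "$PROC_ROOT/$2/ns/$3" 2>/dev/null) || { echo unknown; return; }
    if [ "$a" = "$b" ]; then echo shared; else echo isolated; fi
}

# Print the cgroup v2 path of a process (the single "0::<path>" line).
# On a cgroup v1 host there is no such line and nothing is printed.
cgroup_path() {
    sed -n 's/^0:://p' "$PROC_ROOT/$1/cgroup" 2>/dev/null
}

# Print the SELinux context of a process, without the trailing NUL.
# Empty output means the file is missing or SELinux is not enabled.
selinux_label() {
    f="$PROC_ROOT/$1/attr/current"
    [ -r "$f" ] || return 0
    tr -d '\000\n' < "$f" 2>/dev/null || true
}

# Side-by-side report for two PIDs, e.g. a host process and a container's.
compare_procs() {
    for t in pid net mnt uts ipc user cgroup; do
        printf 'ns/%-7s %s\n' "$t" "$(ns_state "$1" "$2" "$t")"
    done
    printf 'cgroup     %s | %s\n' "$(cgroup_path "$1")" "$(cgroup_path "$2")"
    printf 'selinux    %s | %s\n' "$(selinux_label "$1")" "$(selinux_label "$2")"
}

# Run only when two PIDs are given on the command line.
if [ "$#" -eq 2 ]; then
    compare_procs "$1" "$2"
fi
```

Invoke it with two PIDs, for example the host's PID 1 and a container's main process, whose PID `podman inspect --format '{{.State.Pid}}' NAME` prints. Reading another user's /proc entries requires root.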
The administration interface interacts with the kernel components and provides tools for building and managing containers. All the files needed to run a container come from an image.
Container images live in an external repository called a registry. To create a container, download the registry image and...