linuxlab.io
Tutorials▾
  • Linux & networking
    File system, processes, TCP/IP, BGP and OSPF
    →
  • Terraform & IaC
    HCL, state, plan/apply on a LocalStack sandbox
    →
  • Git & GitHub
    Object model, plumbing, branching, GitHub Actions
    →
All tutorials →
PricingAboutSign inCreate account
/
  • Введение
  • Уроки
  • How it works
  • Симулятор
  • База знаний
  • Собеседование
Lessons
Footer
linuxlab-TutorialsPricingAboutPrivacy & cookies
Copyright © 2026 LinuxLab. All rights reserved.

← из прошлого урока

Intermediate is done. You can bring up services. Advanced is about how the kernel works. The first lesson is namespaces, the foundation of containers. You will build by hand what Docker automates for you.

← к прошлому уроку

Продвинутый

Network namespaces by hand: what Docker does for you

18 мин · урок входит в курс «Продвинутый»

Every Docker container is a set of Linux namespaces wrapped around a runtime. The most important one is the network namespace (netns): a separate set of interfaces, routes, ARP table, sockets, and firewall.

In this lesson you repeat what Docker does internally. You create two netns by hand, connect them with a veth-pair (a virtual Ethernet cable), assign IPs, and run ping. No Docker-in-Docker, just ip.

Урок закрыт

Чтобы запустить sandbox и пройти этот урок целиком, нужен соответствующий курс. Внутри - ещё много практических уроков того же уровня и сквозной прогресс.

Купить курсВойти← Все уроки

дальше →

Network isolation is in your hands now: netns plus veth. Next come the limits. cgroups v2 is where "cpu: 0.5" and "memory: 256m" from the lesson YAML live, and how the kernel applies them. This is the second half of "what a container is".

Открыть превью: cgroups v2: where CPU and memory limits liveв курсе «Продвинутый» - /pricing
Footer
linuxlab-
Copyright © 2026 LinuxLab. All rights reserved.
Tutorials
Pricing
About
Privacy & cookies