Seonglae Cho리눅스는 root로부터 file system이 모두 시작하고 리눅스 자체가 파일 기반 os
그래서 fake root인 /chroot를 root로 지정해서 해당 경로에 process를 가둘 수 있게 한다
처음에 ftp 원격 유저등을 가두기 위한 용도로 사용
chroot cli는 new root와 실행할 커맨드를 인자로 받는다
chroot의 문제점
- fake root path is escapable - pivot_root
- unisolated user authority filesystems, process tree, network, ipc ... - linux namespace
- unlimited resource - cgroup
A Brief History of Containers: From the 1970s Till Now
When we first published this blog post in 2017, the technology landscape for containers was quite different than it is today. Over the past two years, we have seen significant changes take place that affected, and continue to affect how Containers are adopted.
https://blog.aquasec.com/a-brief-history-of-containers-from-1970s-chroot-to-docker-2016
1편.컨테이너 인터널(1)
컨테이너란 무엇일까요? 마법 상자를 열어 보도록 하겠습니다.제가 처음 도커를 접했을 때는
https://netpple.github.io/docs/make-container-without-docker/container-internal-1
Containers are chroot with a Marketing Budget
Containers are chroot with a Marketing Budget Every explanation is a simplification. There are many ways to understand how containers work, but most useful explanations are actually simplifications. Many people have settled on explaining containers by calling them 'light-weight VMs' and they are light-weight because they 'share the kernel with the host'.
https://earthly.dev/blog/chroot
A Brief History of Containers: From the 1970s Till Now
When we first published this blog post in 2017, the technology landscape for containers was quite different than it is today. Over the past two years, we have seen significant changes take place that affected, and continue to affect how Containers are adopted.
https://blog.aquasec.com/a-brief-history-of-containers-from-1970s-chroot-to-docker-2016