
Containers and container management tools have a lot of moving parts. Although you could very quickly deploy a single Docker container without much thought, the larger you scale up that container and the more services you add to it, the more complicated it becomes.

However, cgroups v2, available as of version 4.5 of the kernel, is now supported by most container deployment systems.

For example, in cgroups v2, memory protection is configured in four files:

Rootless containers have become a very popular means to prevent runtime vulnerabilities in containers.

Other changes found in cgroups v2 include the likes of:

It’s important to know that most high-level container runtimes (Containerd, Docker, Podman, and Kubernetes) are now capable of fully supporting cgroups v2.
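As an added example (not part of the original article), the sketch below audits a container's cgroup v2 directory for the memory settings mentioned above. The four file names are taken from the kernel's cgroup v2 interface rather than from this page, and the `audit` and `make_sample_cgroup` helpers and the sample directory are constructed for illustration.

```python
import tempfile
from pathlib import Path

# File names come from the kernel's cgroup v2 interface, not from the page.
MEMORY_FILES = ("memory.min", "memory.low", "memory.high", "memory.max")


def is_cgroup_v2(cgroup_dir):
    """cgroup v2 directories expose cgroup.controllers; v1 ones do not."""
    return Path(cgroup_dir, "cgroup.controllers").is_file()


def read_memory_settings(cgroup_dir):
    """Map each file to a byte count, or None for 'max' or a missing file."""
    settings = {}
    for name in MEMORY_FILES:
        path = Path(cgroup_dir, name)
        raw = path.read_text().strip() if path.is_file() else "max"
        settings[name] = None if raw == "max" else int(raw)
    return settings


def audit(cgroup_dir):
    """Return findings for one container's cgroup directory."""
    if not is_cgroup_v2(cgroup_dir):
        return ["not a cgroup v2 directory"]
    s = read_memory_settings(cgroup_dir)
    findings = []
    if s["memory.max"] is None:
        findings.append("memory.max unset: no hard memory limit")
    elif s["memory.high"] is not None and s["memory.high"] > s["memory.max"]:
        findings.append("memory.high above memory.max: throttling never applies")
    return findings


def make_sample_cgroup(values):
    """Build a constructed cgroup directory in a temp dir for offline runs."""
    path = Path(tempfile.mkdtemp(prefix="cgroup-sample-"))
    (path / "cgroup.controllers").write_text("memory pids\n")
    for name, value in values.items():
        (path / name).write_text(f"{value}\n")
    return str(path)


if __name__ == "__main__":
    sample = make_sample_cgroup({"memory.min": 0, "memory.low": 0,
                                 "memory.high": "max", "memory.max": "max"})
    print(audit(sample))
```

On a real host, pass the container's directory under `/sys/fs/cgroup` to `audit` instead of the constructed sample.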
