14:[["$","$L136",null,{"props":{"lessonContent":{"components":[{"type":"SlateHTML","content":{"html":"

Control groups

If namespaces are about isolation, control groups (cgroups) are about limits.

Think of containers as similar to rooms in a hotel. While each room might appear to be isolated, they actually share many things, such as water, electricity, air conditioning, a swimming pool, a gym, elevators, a breakfast bar, and more. Containers are similar—even though they’re isolated, they share many common resources, such as the host’s CPU, RAM, network I/O, and disk I/O. ...

","comp_id":"aMYLbf8-LgBWC15hW85-I"},"hash":0}],"summary":{"description":"Look at control groups and capabilities in Linux.","titleUpdated":true,"title":"Control Groups and Capabilities"},"content":[{"type":"SlateHTML","content":{"html":"

Control groups

If namespaces are about isolation, control groups (cgroups) are about limits.

","comp_id":"aMYLbf8-LgBWC15hW85-I"},"hash":0}],"darkModeContent":[{"type":"SlateHTML","content":{"html":"

Control groups

If namespaces are about isolation, control groups (cgroups) are about limits.

","comp_id":"aMYLbf8-LgBWC15hW85-I"},"hash":0}]},"isPreviewLesson":false,"pageType":"collection_lesson","aiCoachVideoUrl":"https://youtu.be/kgl8y9J3O6c","collectionDetailsSSR":{"title":"Docker Deep Dive: Advanced Techniques","summary":"If you want to thrive in the modern cloud-first world, you must know Docker. But don’t stress, this course will give you all the necessary skills.\n\nYou will learn how to deploy apps with Docker Compose, a key tool for managing multi-container applications running in single-engine mode. You will then move on to Docker Swarm, which will allow you to stand up containers and orchestrate them at scale. Next, you will explore Docker networking, deploying apps with Docker stacks, and some of the industry tools used for keeping Docker secure.\n\nAfter completing this course, you will be equipped with the knowledge and tools to run Docker at scale, no matter how many containers you have.","details":"","clos":["The ability to deploy applications with Docker Compose and Docker stacks","An understanding of Docker Swarm","Familiarity with Docker networking","An understanding of Docker security technologies"],"arabic_available":false,"page_tags":{"4621881181732864":"","5702716714647552":"","4926956030656512":"","5641004628049920":"","5465586570625024":"","6090396300476416":"","5902493828513792":"","4730111169921024":"","5796616745779200":"","6181475174055936":"","6605488708386816":"","4599466920247296":"","6493346239873024":"","4894786088075264":"","5356918713876480":"","6534208776830976":"","5894376627109888":"","6751069376348160":"","5635270041403392":"","5044470899277824":"","6020685994917888":"","6568303586181120":"","5525973643034624":"","5000721758420992":"","5150271848579072":"","6653459533660160":"","5772345046728704":"","5868543522897920":"","4765701307367424":"","4812378080804864":"","5177190656770048":"","5441505896955904":"","6334346986782720":"","4920712154841088":"","4576865562394624":"","4809634031337472":"","6515462737756160":"","4827300810457088":"","4896212084326400":"","6305797768740864":"","4934986881302528":"","5215861468561408":"","4728382412029952":"","4969239950131200":"","6508682477568000":"","5927080773025792":"","6104441866944512":"","4570333754425344":"","5280925458366464":"","6350291985760256":"","6656618163339264":"","5419433187606528":"","6707402777821184":"","6658674123079680":"","6732300134383616":"","6625432221253632":"","4808885114765312":"","5674297218039808":"","6263115088396288":"","5768322172321792":"","6485825819246592":"","5243746308849664":"","5756088662622208":"","5975459167207424":"","5764196688461824":"","5028607169134592":"","4969271961059328":"","5088555649990656":"","4593187276980224":"","5034252902072320":"","5577119608733696":"","6525855797215232":"","5896558615068672":"","5030814708793344":"","5898630936788992":"","6414937163694080":"","4590851131310080":"","5258333122854912":"","5397563295793152":"","5324755010191360":"","6143714794012672":"","5327572793950208":"","5371761732747264":"","5327590292586496":"","6644696690851840":"","5160254829887488":"","4738623359811584":"","6428883714179072":"","5899416000397312":""},"collection_toc_is_enabled":true,"page_count":null,"docker":{"container":{"file":{"name":"test.tar.gz","size":2289},"imageName":"author-10370001-collection-5727054096498688-rev-32-container-4883588748541952-test","buildStatus":"SUCCESS","buildStatusUrl":"/api/author/10370001/collection/5727054096498688/containers/4883588748541952/build/status","buildLogUrl":"/api/author/10370001/collection/5727054096498688/containers/4883588748541952/build/log","metadata":{"sizeInBytes":2289},"id":-1,"tarballDownloadUrl":"/api/author/10370001/collection/5727054096498688/containers/4883588748541952/download","rebuildImageUrl":"/api/author/10370001/collection/5727054096498688/containers/4883588748541952/rebuild","track":false},"envs":[],"jobs":[{"key":"fNz_3nDMz07Casz1eS24d","runInLiveContainer":true,"name":"counter-app2","startScript":"cd course-content/counter-app","inputFileName":"foo","https":false,"runScript":"cp -r /usercode/* /course-content/counter-app/ && cd /course-content/psweb-master/ && rm __ed_script.sh __ed_stdout.txt main.sh __ed_stderr.txt","forceRelaunchOnCompChange":true,"buildScript":"","ports":"5000"},{"key":"RmPjXa6ufkAfd-YSCK6Nb","runInLiveContainer":true,"name":"counter-app-manual","startScript":"cd usercode ","inputFileName":"foo","https":false,"runScript":" rm __ed_script.sh __ed_stdout.txt main.sh __ed_stderr.txt && rm -r output ","forceRelaunchOnCompChange":true,"buildScript":"","ports":"5000"},{"key":"wExsYcuBVcz_GZ0WDHfvk","name":"counter-app-automatic","inputFileName":"foo","runScript":" rm __ed_script.sh __ed_stdout.txt main.sh __ed_stderr.txt","runInLiveContainer":true,"ports":"5000","startScript":"cd usercode\ndocker-compose up &","https":false,"forceRelaunchOnCompChange":true},{"key":"OcMrcyVM1qeQbLSSMG_WI","name":"counter-app-automatic-up-d","inputFileName":"foo","runScript":"rm __ed_script.sh __ed_stdout.txt main.sh __ed_stderr.txt\ncp app.py /var/lib/docker/volumes/usercode_counter-vol/_data/app.py","runInLiveContainer":true,"ports":"5000","startScript":"cd usercode && docker-compose up -d","https":false,"forceRelaunchOnCompChange":true},{"key":"7gsxwIWeqq9rPH40ej1LT","name":"port mapping","inputFileName":"foo","runScript":"docker network create -d bridge localnet\ndocker container run -d --name web --network localnet --publish 5000:80 nginx","ports":"5000","startScript":"docker network create -d bridge localnet\ndocker container run -d --name web --network localnet --publish 5000:80 nginx","runInLiveContainer":true,"https":false,"forceRelaunchOnCompChange":true},{"key":"7UdRIX2qw_A9beK3I4YzS","name":"ingress_load_balancing","inputFileName":"foo","runScript":"ls","ports":"5005","startScript":"docker swarm init","runInLiveContainer":true,"https":false,"forceRelaunchOnCompChange":true,"jobType":"Live","forceRelaunchOnRun":true},{"key":"FuOcigVdWBBVmabTp2n7k","runInLiveContainer":true,"name":"basic_shell","startScript":"echo \"port 5000 exposed\"","inputFileName":"foo","https":false,"runScript":"echo \"\"","forceRelaunchOnCompChange":true,"buildScript":"","ports":"5000"},{"key":"fftC_CUZAFGRPdRgdS1v-","runInLiveContainer":true,"name":"sharing_storage","startScript":"cd usercode && docker plugin install purestorage/docker-plugin:v3.10 --alias pure --grant-all-permissions","inputFileName":"foo","https":false,"runScript":"echo \"\"","forceRelaunchOnCompChange":true,"buildScript":"","ports":"5000"},{"key":"0ivdj9Ln_x8pvxlv4fItW","name":"counter-app2-copy","inputFileName":"foo","runScript":"cp /usercode/app.py /usercode/counter-vol/app.py","ports":"5000","startScript":"mkdir -p /usercode/counter-vol && cp /usercode/app.py /usercode/counter-vol/app.py && clear\ncd /usercode && docker-compose up -d","jobType":"Live","https":false,"forceRelaunchOnCompChange":true,"runInLiveContainer":true},{"key":"H9Pigbm999L1qaBnFf6AD","jobType":"Live","name":"RUN_COMPOSE_FILE_NEW","inputFileName":"compose.txt","runScript":"ls","ports":"5001","startScript":"cd usercode/multi-container","forceRelaunchOnRun":true,"runInLiveContainer":true},{"key":"sWICitKio5B6m4Bm-e_yJ","jobType":"Live","name":"PORT_Mapping_WithSPA","inputFileName":"foo ","runScript":"ls","ports":"5005","startScript":"docker network create -d bridge localnet","runInLiveContainer":true},{"key":"yHCT8zytoZN8Yp4X9relu","jobType":"Live","name":"RUN_COMPOSE_FILE_NEW-copy","inputFileName":"compose.txt","runScript":"ls","ports":"5001","startScript":"cd usercode/multi-container\ndocker compose up &","forceRelaunchOnRun":true,"runInLiveContainer":true}],"testRunners":[],"version":3,"loaded":true},"discounted_price":null,"cover_image_id":6548790468542464,"cover_image_metadata":"{\"width\":1024,\"height\":512,\"sizeInBytes\":39870,\"name\":\"Docker Deep Dive.png\"}","cover_image_serving_url":"/v2api/collection/10370001/5727054096498688/image/6548790468542464","tags":["Docker","Docker stacks","Docker security","Docker swarm","Swarm primer"],"intro_video_url":"","intro_video_thumbnail_url":"","aggregated_widget_stats":{"MarkdownEditor":75,"codeExerciseCount":0,"codeRunnableCount":12,"codeSnippetCount":199,"illustrations":71,"MxGraphWidget":2,"TerminalWidget":8,"Code":51,"WebpackBin":4,"Quiz":8,"Columns":0,"LiveApp":0,"projects":0,"assessments":0,"cloudlabs":0,"DrawIOWidget":69,"SlateHTML":293,"EditorCode":148,"TableHTML":2,"Image":0},"default_themes":{"code_themes":{"Code":"default","Markdown":"default","RunJS":"default","SPA":"default","isForced":{"Code":false,"Markdown":false,"RunJS":false,"SPA":false}}},"api_keys":{"api_keys":[]},"skills":["DevOps","Docker","Docker Compose","Docker Swarm"],"testimonials":[],"licensing":null,"target_audience":"advanced","author_id":"10370001","collection_id":"5727054096498688","approval_status":3005,"price":39,"is_private":false,"path_type":"regular","organization_id":null,"is_mini":false,"is_priced":true,"brief_summary":"Gain insights into Docker Compose, Docker Swarm, and Docker networking. Explore app deployment, multi-container management, and security tools to thrive in the cloud-first environment.","approval_update_time":"2021-06-17T23:25:19.660Z","rating_visibility":true,"update_last_published_on_homepage":true,"show_developed_by":true,"udata_files":[],"CodeThemes":{"Code":"default","Markdown":"default","RunJS":"default","SPA":"default","isForced":{"Code":false,"Markdown":false,"RunJS":false,"SPA":false}},"is_marked_for_deletion":false,"transition_page_title":"","is_redirectable":false,"collection_type":"collection","adaptive_learning_mode":false,"HLOs_to_toc":{},"is_guide":false,"read_time":18000,"allow_logged_out_executions":false,"unique_live_widget_urls":false,"metadata_status":101,"palified_version":null},"pageSummarySSR":{"title":"Control Groups and Capabilities","description":"Look at control groups and capabilities in Linux.","discourse_page_url":"https://discuss.educative.io/tag/control-groups-and-capabilities__docker-security__docker-deep-dive-advanced-techniques?open=true&ctag=docker-deep-dive-advanced-techniques__nigel-poulton&cslug=advanced-docker-techniques&pslug=control-groups-and-capabilities"},"adaptiveLearningConfigConstantSSR":0,"enableLessonPageLockedBannerV2":true,"allowAllLessonPreview":false,"lockedBannerStatsSSR":{"b2cTrialStats":{"is_b2c_trial_active":true,"b2c_trial_active_duration":21,"b2c_trial_categories":"$137"},"b2cStatus":100,"learnerTags":"$138","workStats":1600,"interviewWorksStats":93,"inL2cStarterPack":false,"l2cWorkStats":46,"enableL2cStarterPackPaymentWidget":"false"},"pageTocSSR":"

","authorId":"10370001","collectionId":"5727054096498688","pageId":"6263115088396288","isCollectionPageLockedCachingEnabled":true,"aceFeatureFlags":{"enableAceEditor":true,"enableAceEditorForAnswers":true},"codeFeatureFlags":{"enableCodeCodeTabRedesign":"3"},"meta":{"type":["Article","TechArticle"],"title":"Control Groups and Capabilities","name":"Docker Deep Dive: Advanced Techniques","description":"Look at control groups and capabilities in Linux.","image":"https://educative.io/api/collection/10370001/5727054096498688/image/6548790468542464.png","isAccessibleForFree":false,"keywords":"$138","provider":"Educative","publisher":"Educative","id":"courses/advanced-docker-techniques/control-groups-and-capabilities","author":"Educative","educationalLevel":"advanced","noIndex":true,"isForcedNoIndex":true,"noFollow":false,"redirectInfo":{"isDeletedCollectionPageRedirectable":false},"page_titles":{"4621881181732864":"Introduction to Docker Compose","5702716714647552":"Inspecting the Stack File: Networks and Volumes","4926956030656512":"Installing Docker and Compose on Windows 10 and 11","5641004628049920":"Chapter Summary: Deploying Applications with Docker Stacks","5465586570625024":"Chapter Summary: Docker Networking","6090396300476416":"Troubleshooting","5902493828513792":"Docker Security Technologies","4730111169921024":"Introduction to Docker Overlay Networking","5796616745779200":"Using Volumes with Containers","6181475174055936":"Installing Docker and Compose on Mac","6605488708386816":"Chapter Summary: Multi-Container Apps with Compose","4599466920247296":"Chapter Summary: Docker Overlay Networking","6493346239873024":"Viewing and Inspecting Services","4894786088075264":"Deploying the Sample App","5356918713876480":"Service Discovery","6534208776830976":"Scaling and Deleting Services","5894376627109888":"Ingress Load Balancing","6751069376348160":"Inspecting the Stack File: Services","5635270041403392":"What to Expect","5044470899277824":"Linux Security Technologies","6020685994917888":"TLS and Mutual Authentication","6568303586181120":"Compose Files","5525973643034624":"Deploying Apps with Compose","5000721758420992":"Initializing a New Swarm","5150271848579072":"Swarm Manager High Availability (HA)","6653459533660160":"Single-Host Bridge Networks","5772345046728704":"Locking a Swarm","5868543522897920":"Chapter Summary: Volumes and Persistent Data","4765701307367424":"Potential Data Corruption","4812378080804864":"Introduction to Docker Stacks","5177190656770048":"Test the Overlay Network","5441505896955904":"Concluding Thoughts","6334346986782720":"Introduction to Docker Swarm","4920712154841088":"Troubleshooting Connectivity Problems","4576865562394624":"Building and Testing Docker Overlay Networks","4809634031337472":"Quiz: Docker Overlay Networking","6515462737756160":"Behind the Scenes at Swarm Security","4827300810457088":"Chapter Summary: Docker Swarm","4896212084326400":"Docker Networking Theory","6305797768740864":"MAC and Seccomp","4934986881302528":"Sharing Storage Across Cluster Nodes","5215861468561408":"Containers with Volumes","4728382412029952":"Connecting to Existing Networks and VLANs","4969239950131200":"Quiz: Deploying Applications with Docker Stacks","6508682477568000":"Quiz: Docker Networking","5927080773025792":"Introduction to Docker Networking","6104441866944512":"Signing and Verifying Images with Docker Content Trust","4570333754425344":"Managing the App","5280925458366464":"Configuring CA Settings and the Cluster Store","6350291985760256":"Build a Secure Swarm Cluster","6656618163339264":"Overview of a Sample App","5419433187606528":"Installing Docker and Compose on Linux","6707402777821184":"Docker Scout and Vulnerability Scanning","6658674123079680":"Quiz: Docker Security","6732300134383616":"Rolling Updates","6625432221253632":"Introduction to Volumes and Persistent Data","4808885114765312":"Looking Forward","5674297218039808":"Introduction to Security in Docker","6263115088396288":"Control Groups and Capabilities","5768322172321792":"Containers Without Volumes","6485825819246592":"Docker Secrets","5243746308849664":"Traffic Flow Example","5756088662622208":"How Does Swarm Primer Work?","5975459167207424":"Quiz: Docker Swarm","5764196688461824":"Chapter Summary: Docker Security","5028607169134592":"External Access via Port Mappings","4969271961059328":"The Theory of Docker Overlay Networking","5088555649990656":"More on Compose Background","4593187276980224":"Quiz: Volumes and Persistent Data","5034252902072320":"Quiz: Multi-Container Apps with Compose","5577119608733696":"Sample Application Setup","6525855797215232":"Installing Docker and Compose with Multipass","5896558615068672":"Docker Installations","5030814708793344":"Managing Apps with Compose","5898630936788992":"Clean Up","6414937163694080":"Build Docker Nodes with Multipass","4590851131310080":"Deploy and Manage an App on Swarm","5258333122854912":"Build a Swarm Lab","5397563295793152":"Clean Up","5324755010191360":"Build WebAssembly Apps with Docker","6143714794012672":"Intro to Wasm and Wasm containers","5327572793950208":"Creating a Wasm App","5371761732747264":"Containerize a Wasm App","5327590292586496":"Clean Up","6644696690851840":"Chapter Summary: Docker and WebAssembly","5160254829887488":"Clean Up","4738623359811584":"Quiz: Docker and WebAssembly","6428883714179072":"Clean Up","5899416000397312":"Clean Up"},"is_marked_for_deletion":false,"transition_page_title":"","is_redirectable":false,"deleted_course_lesson_redirect":{"author_id":null,"collection_id":null,"page_id":null,"redirect_url_slug":null},"metadata_status":101,"additional_course_alternatives":[]},"requestUrl":"/courses/advanced-docker-techniques/control-groups-and-capabilities","requestUrlInfo":{"authorId":10370001,"collectionId":5727054096498688,"pageId":6263115088396288,"courseUrlSlug":"advanced-docker-techniques","pageUrlSlug":"control-groups-and-capabilities"},"isExternalContent":false}}],[["$","script",null,{"id":"generate-data","type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"$139"}}],false,"$undefined"]]