In this post, we are going to isolate the filesystem, by unmounting the root directory and replacing it with a minimal root directory to be used only within the container. The changes then made to files within the namespace won't affect our host system.
The previous post introduced the Linux Namespaces feature and explained how the entire container technology is built upon it. In this post, we will quickly try to replicate some of the container functionalities with Namespaces using just our terminal.
In this series of posts, we explore how docker works under the hood. Especially we will focus on how docker isolates the application environment and how is it different from using a virtual machine.
