Abstract
- Wrap certain global system resources in an abstraction layer
- This makes it appear like the Process (进程) within a namespace have their own isolated instance of the resource
- The kernels namespace abstraction allows different groups of processes to have different views of the system
- currently seven distinct namespaces implemented: mnt, pid, net, ipc, uts, user and cgroup
API
- Consists of 3 main System Call (系统调用)