Namespaces, cgroups, and their relationship with Docker

Namespace Concept: A feature of the Linux kernel that enables the separation of processes so that they do not share resources. Lightweight and faster than virtual machines. Virtual machines virtualize hardware, while namespaces partition kernel functionalities. Isolates kernel functionalities to prevent collision and limit resource sharing among processes. Components: PID: Process ID Network: Network devices, IP addresses, port numbers, etc. Mount: Filesystem IPC: Message queues, semaphores, shared memory, etc. UTS: Hostname, domain name User: User ID, group ID Usage: unshare: Unshares the namespace of the current process. setns: Joins the namespace of another process. clone: Creates a new process while specifying a namespace. Control Groups (cgroups) Concept: A feature of the Linux kernel that enables the creation of process groups and the allocation and management of resources like CPU, memory, disk, etc. to these groups. Provides control over the concurrent execution of processes and allows for resource limiting or prioritization. Components: CPU: CPU time allocation Memory: Memory usage limits Block I/O: I/O traffic control for block devices Network: Network bandwidth limits Usage: Mount cgroup filesystem: mount -t cgroup cgroup /sys/fs/cgroup Create cgroup: mkdir /sys/fs/cgroup/memory/mygroup Assign process and set resource limits: Assign processes to the created cgroup and set the required resource limits. Relationship with Docker Docker Concept: Docker is a tool that simplifies the deployment and management of applications using container technology. Docker containers use namespace and cgroup functionalities to run applications in isolated environments. Namespaces and Docker: PID namespace: Each container has an independent process space and runs in a different PID namespace from the host. Network namespace: Containers have an independent network stack and can have their own IP addresses, routing tables, etc., separate from the host. Mount namespace: Each container has an independent filesystem view and can have a separate filesystem tree isolated from the host filesystem. Cgroups and Docker: Resource allocation: Docker uses cgroups to allocate and limit resources like CPU, memory, disk I/O, etc. to each container. Resource monitoring: Docker can monitor the resource usage of each container through cgroups. Conclusion: Docker abstracts the complexity of Linux cgroups and namespaces, making it easier for users to create and manage containers. Users can manage containers with simple commands, without worrying about complex cgroup and namespace setups. Using the Docker command docker run automatically sets up the required namespaces and cgroups, and runs the container. Namespaces and cgroups in Linux are essential technologies in Docker, enabling the isolation and resource management capabilities of Docker containers. This allows for efficient deployment, scaling, and management of applications. ...

June 5, 2024 · 2 min · 418 words · In-Jun Hwang

What is the MVC Pattern?

The MVC pattern (Model-View-Controller) is a software design pattern that divides software into three parts and develops it. By dividing the software into three parts of the Model, View, and Controller, the MVC pattern improves the maintainability and scalability of the software, and helps developers to understand and develop the software more easily. Model The Model is the part of the software that contains the data and handles the data structure and the logic for handling the data. ...

June 5, 2024 · 2 min · 402 words · In-Jun Hwang

Understanding HTTP Status Codes

1xx (Informational): Request received and process is continuing 100 Continue: Server has received part of the request and the client should continue sending the request 101 Switching Protocols: Server has accepted the upgrade request and switched the protocol 102 Processing: Server has received the request and is processing it 103 Early Hints: Server has sent some of the response and the client can continue sending the request 2xx (Successful): Request received successfully and understood, accepted 200 OK: Request has been successfully received and understood 201 Created: Request has been successfully received and a new resource has been created 202 Accepted: Request has been received but not yet completed 203 Non-Authoritative Information: Request has been successfully received and the response is coming from the proxy 204 No Content: Request has been successfully received and there is no content in the response 205 Reset Content: Request has been successfully received and the user agent should reset the document view 206 Partial Content: Request has been successfully received and only part of the response has been transmitted 207 Multi-Status: Request has been successfully received and multiple status codes are returned 208 Already Reported: Request has been successfully received and a multi-status response is returned 226 IM Used: Request has been successfully received and an instance manipulated multi-status response is returned 3xx (Redirection): Client needs to take further action 300 Multiple Choices: Request has multiple options 301 Moved Permanently: Requested resource has been permanently moved to a new URL 302 Found: Requested resource has been temporarily moved to a different URL 303 See Other: Requested resource can be found at a different URL 304 Not Modified: Requested resource has not been modified 305 Use Proxy: Requested resource must be accessed through a proxy 306 Switch Proxy: Requested resource must be accessed through a different proxy 307 Temporary Redirect: Requested resource has been temporarily moved to a different URL 308 Permanent Redirect: Requested resource has been permanently moved to a new URL 4xx (Client Error): There is an error on the client’s side 400 Bad Request: Request is malformed 401 Unauthorized: Authentication is required 402 Payment Required: Payment is required 403 Forbidden: Request is forbidden 404 Not Found: Requested resource does not exist 405 Method Not Allowed: Requested method is not allowed 406 Not Acceptable: Requested resource is not acceptable by the client 407 Proxy Authentication Required: Proxy authentication is required 408 Request Timeout: Request timed out 409 Conflict: Request conflicts with the current state of the server 410 Gone: Requested resource is no longer available 411 Length Required: Content-Length header is required 412 Precondition Failed: Request precondition failed 413 Payload Too Large: Request is too large 414 URI Too Long: URI is too long 415 Unsupported Media Type: Unsupported media type 416 Range Not Satisfiable: Range is not satisfiable 417 Expectation Failed: Request failed 418 I’m a teapot: I am a teapot 421 Misdirected Request: Request is misdirected 422 Unprocessable Entity: Unprocessable entity 423 Locked: Resource is locked 424 Failed Dependency: Dependency failed 425 Too Early: Request is premature 426 Upgrade Required: Upgrade is required 428 Precondition Required: Precondition is required 429 Too Many Requests: Too many requests 431 Request Header Fields Too Large: Request header fields are too large 451 Unavailable For Legal Reasons: Unavailable for legal reasons 5xx (Server Error): There is an error on the server’s side 500 Internal Server Error: Server has encountered an error 501 Not Implemented: Request is not implemented 502 Bad Gateway: Gateway is malformed 503 Service Unavailable: Service is unavailable 504 Gateway Timeout: Gateway timed out 505 HTTP Version Not Supported: HTTP version is not supported 506 Variant Also Negotiates: Variant also negotiates 507 Insufficient Storage: Insufficient storage 508 Loop Detected: Loop detected 510 Not Extended: Not extended 511 Network Authentication Required: Network authentication required 599 Network Connect Timeout Error: Network connect timeout error Reference https://developer.mozilla.org/en-US/docs/Web/HTTP/Status 418 I’m a teapot: This status code was defined on April 1, 1998, by the IETF as an extension to the Hyper Text Coffee Pot Control Protocol (HTCPCP) and is intended to be used to test if a coffee pot is connected and has hot water available. It is a joke and not meant to be used in real applications. ...

June 5, 2024 · 4 min · 700 words · In-Jun Hwang

Exploring the Dispatcher Servlet

What is the Dispatcher Servlet? The Dispatcher Servlet is at the heart of Spring MVC. It is responsible for receiving client requests, delegating them to the appropriate controller, and then passing the result returned by the controller to the view. There is only one Dispatcher Servlet in a web application, and it handles all client requests. How the Dispatcher Servlet Works Receives a request from the client. Finds the controller that will handle the client’s request through Handler Mapping. Executes the controller through Handler Adapter. Transforms the result returned by the controller into a View through View Resolver. Forwards the view to the client. When using RestController, View Resolver is not used. Instead, the object is converted to JSON format and sent to the client. ...

June 5, 2024 · 3 min · 434 words · In-Jun Hwang

What is Spring Interceptor?

Spring Interceptor Interceptor performs similar role to Servlet Filter. Servlet filter provides functionality to intercept and process requests before and after they reach the servlet container. Spring Interceptor provides functionality to intercept and process requests before and after they reach the controller in Spring MVC. Interceptor is implemented using HandlerInterceptor interface. HandlerInterceptor interface provides three methods: preHandle: Method executed before the request reaches the controller postHandle: Method executed after the request has reached the controller, before the view is rendered afterCompletion: Method executed after the view has been rendered Interceptor Implementation 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class CustomInterceptor implements HandlerInterceptor { @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { // Code to execute before the request reaches the controller // If false is returned, request is not forwarded to the controller return true; } @Override public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception { // Code to execute after the controller is executed normally // Not executed if an exception is thrown } @Override public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception { // Code to execute after the view has been sent to the client // Exception object can be used to check exception information if an exception occurred // Exception information can be checked and logged } } Interceptor Registration To register the interceptor, implement the WebMvcConfigurer interface and override the addInterceptors method. ...

June 4, 2024 · 3 min · 567 words · In-Jun Hwang