= The role of Control Groups (cgroups) when used with a Docker container is not role-based access
control to clustered resources. Cgroups are a feature of the Linux kernelthat allow you to limit,
manage, and isolate resource usage of collections of processes running on a system1. Resources are
CPU time, system memory, network bandwidth, or combinations of these resources, and so
on2. Cgroups allow Docker Engine to share available hardware resources to containers and optionally
enforce limits and constraints3. Cgroups can help avoid “noisy neighbor” issues and improve the
performance and security of containers4. Role-based access control (RBAC) is a different concept that
refers to controlling access to resources based on the roles of individual users within an
organization5.
: : Lab: Control Groups (cgroups) | dockerlabs : Container security fundamentals part 4: Cgroups |
Datadog Security Labs : Docker Namespace Vs Cgroup. Namespace and Cgroup | by MrDevSecOps -
Medium : Role-based access control - Wikipedia : Control groups (cgroups) - Learn Docker -
Fundamentals of Docker 18.x …
