Containers Don't Exist - Your Kernel Is Lying to You

Containers vs VM - both give you isolation — so what's actually different? A container isn't a lightweight VM. This video breaks down exactly what happens when you run `docker run` and `docker exec`. You'll see namespaces, cgroups, and the `setns` syscall in action. We'll also cover why Docker on Mac is slower, why AWS Lambda uses Firecracker for multi-tenant isolation, and what CVE-2019-5736 proved about container security. **What you'll learn:** - How PID, mount, network, and user namespaces create isolation - What cgroups do for resource limiting - The reason Docker Desktop on Mac has sl…