🐳 Docker & Container Internals
Containers are not lightweight VMs. They're processes with kernel-enforced isolation via
Linux namespaces and resource limits via cgroups. These visualizations peel back the abstraction
to show what's really happening when you run docker run.
✦ Live
Container Internals
Namespaces, cgroups, overlay filesystem — how containers actually work under the hood
Coming soon
Networking Deep Dive
Bridge, host, overlay networks, iptables, and veth pairs
✦ Live
Image Building
Dockerfile layers, build cache, multi-stage builds, and BuildKit
Coming soon
Storage Drivers
overlay2, devicemapper, btrfs — how container storage actually works
✦ Live
Docker Compose
Service dependency DAGs, inter-service networking, volume mounts, and the compose lifecycle
✦ Live
Container Security
Capabilities, seccomp, AppArmor, rootless containers
Coming soon
Container Runtimes
containerd, runc, gVisor, Kata — the OCI runtime landscape