- a feature of the [[Linux]] [[Kernel]] that partitions [[Kernel]] resources so that each set of [[Processes]] sees a different set of resources - key feature of namespaces is that they isolate [[Processes]] from each other - by default, each [[Linux]] system initially has a single [[Namespace]] - all system resources (i.e filesystems, process IDs, user IDs, network interfaces etc) belong to the single namespace - when running a [[Process]] you run it inside a single namespace - kinds of namespaces: - Mount - Process ID - Network - what Network namespace a [[Processes]] belongs to determines which network interfaces the app running inside the [[Processes]] sees - Inter-process communication - UTS - User ID https://blog.nginx.org/blog/what-are-namespaces-cgroups-how-do-they-work