General observations …

• Is there a market for a book on underlying container technology?
• Works with context outside of Docker? podman? cgroups v2?
• “system containers” such as LXC and LXD?
• technologies:
  • cgroups
  • namespaces
  • chroot
• scanning images
• rootfull versus rootless images
• too much setuid stuff, need to assume a lot of that
• emphasize ephemeral images

• “sidecar” containers
• Docker daemon needs to run as root, podman has no daemon
• “runc” and JSON bundle