Changes


Processes scope and visibility

421 bytes added, 04:13, 17 December 2011
document kernel.pid_ns_hide_child=1
From [[CT0]] one can see all the processes running on the system; that
includes all the processes of all [[container]]s and the processes of the
[[host system]] itself. Sometimes you just want to see the processes from thehost system only. Sometimes you just want to see the processes from a
particular container.
== Solutions ==
 
=== Hide container processes from host completely ===
 
It is possible to hide other CT's processes from [[CT0]]. For this just enable kernel.pid_ns_hide_child sysctl parameter:
 
sysctl -w 'kernel.pid_ns_hide_child=1'
 
and restart all containers. To make setting permanent put into /etc/sysctl.conf following line:
 
kernel.pid_ns_hide_child=1
 
After this ps or htop or top do not show anymore other container processes.
 
=== "Poor man's vzps in bash" ===
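Review bot: the new subsection "Hide container processes from host completely" tells the reader to run sysctl -w 'kernel.pid_ns_hide_child=1' "and restart all containers", but it does not say what happens to containers that are already running, how to turn the setting back off, or whether the sections that follow (starting with "Poor man's vzps in bash") still work from CT0 once it is enabled. Since the page's opening paragraph says an administrator sometimes wants to see the processes of a particular container, the text should state that trade-off next to the sysctl. Wording: "To make setting permanent put into /etc/sysctl.conf following line" reads better as "To make the setting permanent, add the following line to /etc/sysctl.conf", and "do not show anymore other container processes" as "no longer show other containers' processes".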