Containers consume different physical resources in order to deliver their unique capabilities. However, the resource consumption has to be disciplined, orderly and hence, critically regulated. When there is a deviation, there is a greater possibility of invalidating the containers from performing their assigned tasks in time. For example, the DoS results if the resource usage is not systematically synchronized.

The Linux containers leverage cgroups to implement resource accounting and auditing to run applications in a frictionless manner. As we all know, there are multiple resources that contribute to run the containers successfully. They provide many useful metrics and ensure that each container gets its fair share of memory, CPU, and disk I/O. Further, they guarantee that a single container cannot bring the system down by exhausting any one of these resources. This feature helps you fend off some DoS attacks. This feature helps in running containers as multi-tenant citizens in cloud environments to ensure their uptime and performance. Any kind of exploitation by other containers are identified proactively and nipped in the bud so that any kind of misadventure gets avoided.