
Linux Namespaces and Go Don't Mix - asymmetric
https://www.weave.works/blog/linux-namespaces-and-go-don-t-mix
======
netingle
Particularly interesting, given that most of the software in the container
space seems to be written in go: Docker, Kubernetes etc

~~~
bboreham
Docker uses this workaround:
[https://github.com/opencontainers/runc/tree/master/libcontai...](https://github.com/opencontainers/runc/tree/master/libcontainer/nsenter)

"The nsenter package registers a special init constructor that is called
before the Go runtime has a chance to boot."

Kubernetes relies on CNI drivers which exit very soon after changing
namespace; essentially they cross fingers and hope the problem won't strike.

