☁️ Free practice test question from: Container Orchestration (KCNA)

Cgroups (control groups) are a Linux kernel feature that limits, accounts for, and isolates the resource usage (CPU, memory, disk I/O, network, etc.) of process groups. Kubernetes leverages cgroups to manage resources allocated to pods and containers, preventing one container from consuming all available resources on a node and starving others.

****

A) While network namespaces are used for network isolation in Kubernetes, cgroups themselves don't directly manage network namespaces. Network namespaces are a separate Linux kernel feature.

B) PID namespaces are indeed used for process isolation in Kubernetes, but again, cgroups are not responsible for creating or managing them.  

D) Cgroups are about resource management, not scheduling. The kube-scheduler is responsible for deciding which node a pod should run on. Once a pod is scheduled to a node, the container runtime (like Docker or containerd) uses cgroups to enforce resource limits.