You almost certainly don't desire to set up linux namespaces, cgroups and every little thing else from scratch for every new container you ought to build. The tool that does it for yourself is called the "container runtime" - the low, even the bottom level utility of each container setting. https://bibisoutherncontainers.com/
