I disagree with the following lines:
"The catch using namespaces is that you can only run one namespace at a time. If you run user namespacing you e.g. can't use network namespacing on the same host [6]."
The cited document only states that it is not possible to share "PID or NET namespaces with the host" while using the user namespace, but that does not mean that generally speaking only one namespace can be used at a time.
Furthermore, other documents and blog entries explicitly state that "[m]odern containerization systems (e.g. Docker, LXC, etc.) use all of these namespaces when programs are launched". (https://blog.selectel.com/containerization-mechanisms-namespaces/)
Probably you meant the right thing but formulated it a bit ambiguous.
I would be very glad to hear your thoughts about this topic!
I disagree with the following lines: "The catch using namespaces is that you can only run one namespace at a time. If you run user namespacing you e.g. can't use network namespacing on the same host [6]." The cited document only states that it is not possible to share "PID or NET namespaces with the host" while using the user namespace, but that does not mean that generally speaking only one namespace can be used at a time. Furthermore, other documents and blog entries explicitly state that "[m]odern containerization systems (e.g. Docker, LXC, etc.) use all of these namespaces when programs are launched". (https://blog.selectel.com/containerization-mechanisms-namespaces/) Probably you meant the right thing but formulated it a bit ambiguous.
I would be very glad to hear your thoughts about this topic!