Namespace Isolation is a technique used by #Docker in order to isolate the running containers from the main operating system which at the same time does not alter the mechanism used to allocate the resources for processes.
For example, although as appeared the PID for the containers viewed from Docker CLI are always started from 1, if we viewed it from the main operating system’s perspective, the PID might be totally different. The operating system treats that as a regular task just like other processes, but since those tasks are in Docker’s namespace, it cannot see others’ resources and will not be seen from them as well.