ACC contains a driver module that performs the file system hooking and system call hooking for getting the call-back. When you receive the call-back, the decision to ALLOW or DENY execution, or CHANGE CONTROL for executables and files is taken. For this decision to be taken, you must scan and add hooks (if supported) for all new block devices, both physical and virtual.

In cases where deployment (large scale) of containers by Kubernetes is executed using a docker as the container runtime, the above-mentioned problem occurs. Each container image receives multiple calls for mounting and unmounting. In addition, parallel deployment of pods creates a bottleneck and contention for shared resources (protected to avoid data races). This bottleneck leads to delays in the processing of calls and creates a situation such as the NotReady or Terminating status of pods.