Does docker share the kernel with the host?
Docker and the host share the kernel; a Docker container is essentially a process on the host. Docker implements resource isolation through namespaces. In essence, sharing the kernel means that process isolation is implemented with the kernel's namespaces and cgroups.
The operating environment of this tutorial: linux7.3 system, docker-1.13.1 version, Dell G3 computer.
Docker and the host share the kernel
The essence is process isolation achieved through the kernel namespace and cgroup
Discussions of Docker often turn to how Docker is implemented. Many developers know that Docker containers are essentially processes on the host machine: Docker implements resource isolation through namespaces, resource restrictions through cgroups, and efficient file operations through the copy-on-write mechanism. But when going deeper into technical details such as namespaces and cgroups, most developers feel at a loss. So here, I will first lead you into the Linux kernel to understand the technical details of namespaces and cgroups.
namespace resource isolation
If you want to implement a container with resource isolation, where should you start? Some people's first reaction may be the chroot command. The most intuitive effect of this command for the user is that the mount point of the root directory / is switched after it is used, that is, the file system is isolated. Next, in order to communicate and be located in a distributed environment, the container must have an independent IP, ports, routing and so on, so network isolation naturally comes to mind. At the same time, the container also needs an independent host name to identify itself on the network. Networking leads naturally to communication, and with it the need to isolate inter-process communication. Developers may also have thought about the issue of permissions: isolating users and user groups isolates user permissions. Finally, the application running in the container needs to have its own process ID (PID), which naturally needs to be isolated from the PIDs on the host.
Thus, the six isolations required for a container are basically completed. The Linux kernel provides these six namespace isolation system calls, as shown in Table 1-1.
In fact, one of the main purposes of the Linux kernel implementing namespace is to implement lightweight virtualization (container) services. Processes in the same namespace can sense each other's changes and know nothing about external processes. This can give the process in the container the illusion that it is in an independent system environment, thereby achieving independence and isolation.
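The namespace membership described above can be checked from the host, because the kernel exposes each process's namespaces as symlinks under /proc/<pid>/ns/. The following is an added example, not code from the original article: it compares the six namespace types for two processes and reports which are shared. The function names and the sample inode numbers are assumptions constructed for illustration.

```python
import os
import re

# The six namespace types the article lists, as named under /proc/<pid>/ns/.
SIX_NAMESPACES = ("mnt", "uts", "ipc", "pid", "net", "user")
_LINK_RE = re.compile(r"^(\w+):\[(\d+)\]$")

def parse_ns_link(target):
    """Parse a symlink target such as 'pid:[4026531836]' into (type, inode)."""
    m = _LINK_RE.match(target)
    if not m:
        raise ValueError(f"not a namespace link: {target!r}")
    return m.group(1), int(m.group(2))

def read_namespaces(pid, proc_root="/proc"):
    """Return {type: inode} for a process; entries we may not read are skipped."""
    found = {}
    for name in SIX_NAMESPACES:
        try:
            target = os.readlink(os.path.join(proc_root, str(pid), "ns", name))
        except OSError:  # no such process, or no permission to inspect it
            continue
        ns_type, inode = parse_ns_link(target)
        found[ns_type] = inode
    return found

def compare(host_ns, container_ns):
    """Label each namespace type 'shared', 'isolated' or 'unknown'."""
    report = {}
    for name in SIX_NAMESPACES:
        a, b = host_ns.get(name), container_ns.get(name)
        if a is None or b is None:
            report[name] = "unknown"
        else:
            report[name] = "shared" if a == b else "isolated"
    return report

# Constructed sample inodes (not captured from a real host). The container side
# models Docker's default settings, where user-namespace remapping is off.
SAMPLE_HOST = {"mnt": 4026531840, "uts": 4026531838, "ipc": 4026531839,
               "pid": 4026531836, "net": 4026531992, "user": 4026531837}
SAMPLE_CONTAINER = {"mnt": 4026532256, "uts": 4026532257, "ipc": 4026532258,
                    "pid": 4026532259, "net": 4026532262, "user": 4026531837}

if __name__ == "__main__":
    print("kernel release (the same value is seen inside a container):", os.uname().release)
    for name, state in compare(SAMPLE_HOST, SAMPLE_CONTAINER).items():
        print(f"{name:5s} {state}")
    print("this process vs. PID 1:", compare(read_namespaces(1), read_namespaces("self")))
```

In the constructed sample the user namespace is the one still shared with the host, so root inside such a container is the same UID 0 the host kernel sees. Reading another process's entries under /proc/<pid>/ns/ usually requires root on the host.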