什么是Docker跨平台架构 [英] What is the Docker cross platform architecture

问题描述

Docker不是VM，因此它仅运行OS本身的应用程序，对吗？这是否意味着Docker for Windows仅运行Windows .exe文件？那么，用于Windows和Linux的Docker容器有什么共同点，如果有的话？容器可以以任何方式在不同的操作系统上重用吗？

Docker isn't a VM so it only runs apps native to the OS, right? Does that mean Docker for Windows only runs Windows .exe files? So Docker containers for Windows and Linux, what do they have in common, if anything? Are containers reusable on different operating systems in any way?

推荐答案

• Docker is' t VM


• "Docker isn't a VM"

正确，容器应视为在沙箱中运行的进程。如果您搜索这种隔离在Linux中的发生方式，肯定会遇到命名空间& cgroups 。我最近看到的一种容器定义指出：

Correct, containers should be considered as processes running in a sandbox. If you search about how this isolation takes place in Linux, you'll definitely run into namespaces & cgroups. One definition of containers I've seen lately states that:




容器是过程 tarball，锚定到命名空间，并由 cgroups

"containers are processes born from tarballs, anchored to namespaces and controlled by cgroups"

照片由 Dan Mayer ，＃LeadDevLondon-2018年6月

photo by Dan Mayer, #LeadDevLondon - June 2018

您还可以在此处找到有关linux容器的一些有趣的东西：< a href = https://www.slideshare.net/jpetazzo/anatomy-of-a-container-namespaces-cgroups-some-filesystem-magic-linuxcon rel = nofollow noreferrer>容器的剖析：命名空间， cgroups& JérômePetazzoni撰写的File File Magic-LinuxCon

You can also find some interesting stuff regarding linux containers here: Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon by Jérôme Petazzoni






• Docker for Windows仅运行Windows .exe文件吗？


• Docker for Windows only runs Windows .exe files?

否。考虑具有Windows PC的开发人员可能会在基于Linux的容器上工作，这些容器随后会部署到云中。 Docker for Windows带来了这种灵活性，但是，如果您运行linux容器，则它们将在某种虚拟化环境上运行。最初， Docker工具箱使用的是Oracle Virtualbox，现在是适用于Windows的Docker 使用Hyper-V。

No. Consider that a developer with a Windows PC might work on linux based containers that are later deployed to the cloud. Docker for Windows brings this flexibility, BUT if you run linux containers, these will be running on some kind of virtualization environment. Initially, Docker toolbox was using Oracle Virtualbox, now Docker for Windows uses Hyper-V.

我不我不太了解Windows操作系统内部如何进行隔离，但是我认为逻辑类似于Linux。有关 Windows容器的信息：

I don't know much about how the isolation takes place inside the Windows OS but I think the logic is similar to Linux. Some info about Windows containers:




Windows容器类型





Windows容器包含两种不同的容器类型或运行时。

Windows Container Types

Windows Containers include two different container types, or runtimes.

Windows服务器容器 –通过进程和名称空间隔离技术提供应用程序隔离。 Windows Server容器与容器主机以及主机上运行的所有容器共享一个内核。这些容器不提供敌对的安全边界，不应用于隔离不受信任的代码。由于共享的内核空间，这些容器需要相同的内核版本和配置。

Windows Server Containers – provide application isolation through process and namespace isolation technology. A Windows Server Container shares a kernel with the container host and all containers running on the host. These containers do not provide a hostile security boundary and should not be used to isolate untrusted code. Because of the shared kernel space, these containers require the same kernel version and configuration.

Hyper-V隔离 –扩展了由...提供的隔离Windows Server容器，方法是在高度优化的虚拟机中运行每个容器。在这种配置中，容器主机的内核不与同一主机上的其他容器共享。这些容器设计用于具有虚拟机相同安全性保证的恶意多租户托管。由于这些容器不与主机或主机上的其他容器共享内核，因此它们可以运行具有不同版本和配置的内核（受支持的版本）-例如，Windows 10上的所有Windows容器都使用Hyper-V隔离来利用内核。 Windows Server内核版本和配置。

Hyper-V Isolation – expands on the isolation provided by Windows Server Containers by running each container in a highly optimized virtual machine. In this configuration, the kernel of the container host is not shared with other containers on the same host. These containers are designed for hostile multitenant hosting with the same security assurances of a virtual machine. Since these containers do not share the kernel with the host or other containers on the host, they can run kernels with different versions and configurations (with in supported versions) - for example all Windows containers on Windows 10 use Hyper-V isolation to utilize the Windows Server kernel version and configuration.

在Windows上运行带有或不带有Hyper-V隔离的容器是运行时的决定。您可以选择首先使用Hyper-V隔离创建容器，然后在运行时选择将其作为Windows Server容器运行。

Running a container on Windows with or without Hyper-V Isolation is a runtime decision. You may elect to create the container with Hyper-V isolation initially and later at runtime choose to run it instead as a Windows Server container.






• Windows和Linux，它们有什么共同点，如果有的话？


• Windows and Linux, what do they have in common, if anything?

通常，我会回答说容器服务于微服务的思想，关注点分离，做一件事&

In general, I would answer that containers serve the idea of Microservices, separation of concerns, do one thing & do it well.






• 可重复使用的容器


• Are containers reusable on different operating systems in any way?

是和否。您可能会遇到限制。例如，如果您有一个启动 FROM ubuntu：latest 的应用程序，并且想使其在树莓派上运行，则必须从基础映像构建一个新容器。专为手臂架构而设计。 Docker并不是一个可以使用任何容器并使之在任何体系结构，OS上运行的抽象……您必须知道您要实现的目标，并仔细决定最终选择使用什么。

Yes and No. You may face limitations. For example, if you have an application that starts FROM ubuntu:latest and want to make it work on a raspberry Pi, you will have to build a new container from a base image that is made for arm architecture. Docker is not an abstraction that will take any container and make it work on any architecture, OS... You have to know what you are trying to achieve and carefully make your decisions on what you finally choose to use.

这篇关于什么是Docker跨平台架构的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！