Docker和Host之间的进程任务结构 [英] Process task structure between Docker and Host
问题描述
在Docker和主机进程之间的进程任务结构如何不同?
由于处理过的内核是通过称为 task_struct
的结构表示的,该容器中的结构是相同的。
容器基于
内核提供安全,硬件和内部数据结构的抽象。 open()系统调用通常用于获取文件句柄
在下面的图中注意到
bash
一个getpid()
调用请求自己的进程标识。
另外,注意cat
命令请求访问/ etc / hosts
与文件open()
调用。
How the process task structure is different in both docker and the host process any specific module is differed in docker apart from host?
Since processed are represented in kernel by structure called ‘task_struct
', that structure is the same in a container.
A container is based on system calls to the host kernel, and any kernel-related structure comes directly from said kernel.
See "Architecting Containers: Why Understanding User Space vs. Kernel Space Matters"
A typical program gets access to resources in the kernel through layers of abstraction similar to the following diagram:
The kernel provides abstraction for security, hardware, and internal data structures. The open() system call is commonly used to get a file handle
Notice in the following drawing that
bash
makes agetpid()
call which requests its own process identity.
Also, notice that thecat
command requests access to/etc/hosts
with a fileopen()
call.
这篇关于Docker和Host之间的进程任务结构的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!