Some knowledge of docker

Others 2019-08-10 06:26:22 views: null

Complete a basic container vessels need to do six isolation:

Linux kernel will provide the six namespace (namespace) isolation system calls

Namespace system call arguments isolate content

1, UTS CLONE_NEWUTS host name and domain name

2, IPC CLONE_NEWIPC semaphores, shared memory

3, PID CLONE_NEWPID process number

4, Network CLONE_NEWNET network equipment

5, Mount CLONE_NEWNS mount point, file system

6, User CLONE_NEWUSER users and user groups

 

Isolation of a command:

unshare

 

1, host or domain isolation

unshare --uts

 

2, file systems, and user isolation

unshare --mount

 

3, semaphores and isolation process ID

unshare   --pid --ipc --fork --mount-proc /bin/bash

 

4, network isolation

unshare --net /bin/bash

 

Guess you like

Origin www.cnblogs.com/shixi-study/p/11329686.html
Recommended
Ranking
#2019110700005
What materials and procedures are required for patent transfer
What is the blockchain Ethereum triplet state root transaction root receipt root
Front-end study notes 04 --- About the insertion of html pictures and videos
Documents required for the filing of WeChat Mini Programs in special industries, the filing process of WeChat Mini Programs in special industries, how to file WeChat Mini Programs in special industries
2017 Qingdao-site tournament I The Squared Mosquito Coil
[BZOJ3165][HEOI2013]Segment (line segment tree without marking)
Kettle series: KettleEasyExpand, an open source Kettle universal plugin by Ma Jinju
The latest tutorial on making framework for iOS
DAX Section 6: Statistical Functions
Daily
More
2024-05-14(9)
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)

Code World

© 2018 codetd.com