Building a container
Create all the namespaces and cgroups (usually from a template).
Create a "virtual disk" for the container.
This is a directory on the host that holds the container's file system.
Run chroot into the container's file system.
The file system needs all the libraries/files necessary to execute the program.
Start the program we wish to containerize.
This process will have PID 1 inside the container.
This process can mount procfs and other pseudo file systems.
Namespaces limit the information these pseudo file systems expose.
Because of the network namespace, containerized processes can't see the host's network interfaces.
Assigning a real network interface to a namespace is also unusual, since it affects the host.
Container networks.
Create a pair of virtual Ethernet interfaces (a veth pair): two interfaces joined point-to-point, connecting the host to the container.
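The steps above carried out by hand, as an added example that is not part of the original slides: a throwaway rootfs directory, a cgroup, new namespaces via unshare(1) with the program as PID 1, and a veth pair with one end moved into the container. It assumes a Linux host with root, a static busybox at /bin/busybox, cgroup v2 mounted at /sys/fs/cgroup, and iproute2; the paths, names and addresses are constructed for the demo.

```shell
#!/bin/sh
# Added example (not from the original slides): build a container by hand with
# util-linux unshare(1)/nsenter(1), chroot(8), cgroup v2 and an iproute2 veth pair.
# Assumes Linux, root, a static busybox at /bin/busybox and cgroup v2 at /sys/fs/cgroup.
# DRY_RUN=1 prints each privileged command instead of running it.
ROOTFS="${ROOTFS:-/tmp/ctr-rootfs}"     # the "virtual disk": just a directory
CGROUP="${CGROUP:-/sys/fs/cgroup/ctr}"  # resource limits for the container
run() { if [ "${DRY_RUN:-0}" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi; }

make_rootfs() {  # must hold every binary and library the program needs
  run mkdir -p "$ROOTFS/bin" "$ROOTFS/proc"
  run rm -f "$ROOTFS/bin/.ready"
  run cp /bin/busybox "$ROOTFS/bin/busybox"  # static binary: no shared libs to copy
  for t in sh hostname sleep cat; do run ln -sf busybox "$ROOTFS/bin/$t"; done
}
make_cgroup() {  # created first so the process can be placed in it when it starts
  run mkdir -p "$CGROUP"
  run sh -c "echo 64M > '$CGROUP/memory.max' && echo 50 > '$CGROUP/pids.max'"
}
start_init() {  # new pid/mount/net/uts/ipc namespaces; the program becomes PID 1
  # The wrapper shell joins the cgroup, then execs unshare, which forks the init.
  # The init waits for /bin/.ready (created from the host) before doing its work.
  run sh -c "echo \$\$ > '$CGROUP/cgroup.procs' && exec unshare --pid --fork --mount \
    --net --uts --ipc --mount-proc='$ROOTFS/proc' chroot '$ROOTFS' /bin/sh -c \
    'hostname ctr; while [ ! -e /bin/.ready ]; do sleep 0.2; done
     echo \"pid=\$\$ host=\$(hostname)\"; cat /proc/net/dev'" &
  INIT_PID=$!
}
wait_for_netns() {  # block until the init has left the host network namespace
  [ "${DRY_RUN:-0}" = 1 ] && return 0
  while [ "$(readlink /proc/$INIT_PID/ns/net)" = "$(readlink /proc/self/ns/net)" ]; do
    sleep 0.1; done
}
make_veth() {  # point-to-point pair: one end stays on the host, one moves into the container
  run ip link add veth-host type veth peer name veth-ctr
  run ip link set veth-ctr netns "$INIT_PID"
  run ip addr add 10.0.0.1/24 dev veth-host
  run ip link set veth-host up
  run nsenter -t "$INIT_PID" -n ip addr add 10.0.0.2/24 dev veth-ctr
  run nsenter -t "$INIT_PID" -n ip link set veth-ctr up
  run nsenter -t "$INIT_PID" -n ip link set lo up
}
build_container() {
  make_rootfs; make_cgroup; start_init; wait_for_netns; make_veth
  run touch "$ROOTFS/bin/.ready"  # release the init: it prints pid=1 and only lo/veth-ctr
  wait "$INIT_PID"
}
case "${1:-}" in --build) build_container ;; esac
```

Run it as root with `sh build.sh --build`; the init prints pid=1 and a /proc/net/dev listing that contains only lo and veth-ctr, which is the network namespace at work.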