Please enable JavaScript.
Coggle requires JavaScript to display documents.
docker, network - Coggle Diagram
docker
Linux namespace
process resource isolation
each process is associated with a namespace and can only see or use the resources associated with that namespace, and descendant namespaces where applicable
This way each process (or process group thereof) can have a unique view on the resources. Which resource is isolated depends on the kind of namespace that has been created for a given process group.
cgroups
(control groups)
limit and isolate the resource usage of a collections
創新點: file system
union FS
overlayFS
mnt namespace
network
single machine
Host
Container
Null(--net=null)
Bridge
multiple machines
Overlay(libnetwork, libkv)
Remote(work with remote drivers)
network namespace