

Since version 0.9, Docker has included the libcontainer library as its own way to directly use the virtualization facilities provided by the Linux kernel, in addition to using abstracted virtualization interfaces via libvirt, LXC (Linux Containers) and systemd-nspawn. The Linux kernel's support for namespaces mostly isolates an application's view of the operating environment, including process trees, network, user IDs and mounted file systems, while the kernel's cgroups provide resource limiting, including CPU, memory, block I/O and network. Docker enables the creation of independent containers that run on top of a single Linux instance by using cgroups and kernel namespaces (the resource isolation features of the Linux kernel) together with a union-capable file system such as aufs. While the hypervisor plays a role in virtualization in a cloud system, Docker provides an additional layer of abstraction and automation of operating-system-level virtualization on Linux. “Specifically, Docker makes it possible to set up local development environments that are exactly like a live server, run multiple development environments from the same host that each have unique software, operating systems, and configurations, test projects on new or different servers, and allow anyone to work on the same project with the exact same settings, regardless of the local host environment.” Containers run as isolated processes in userspace on the host operating system.
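To check the namespace and cgroup separation described above from the host side, the following added example (not part of the original page and not Docker's own code) compares a process's `/proc/<pid>/ns` links with the host's and parses its `/proc/<pid>/cgroup` membership. The inode numbers, the `c0ffee` container ID and the helper names are constructed for illustration.

```python
# Added example (not Docker's code): audit isolation from /proc-style data.
import os

NAMESPACES = ("pid", "net", "user", "mnt")   # the views the text lists
CONTROLLERS = ("cpu", "memory", "blkio")     # the limits the text lists

def read_namespaces(pid="self", proc="/proc"):
    """Return {name: 'name:[inode]'} from the /proc/<pid>/ns symlinks."""
    result = {}
    for name in NAMESPACES:
        try:
            result[name] = os.readlink(os.path.join(proc, str(pid), "ns", name))
        except OSError:
            result[name] = None  # not readable, or kernel lacks this namespace
    return result

def shared_namespaces(host_ns, proc_ns):
    """Namespaces whose inode matches the host's, i.e. not isolated."""
    return sorted(n for n in NAMESPACES
                  if host_ns.get(n) is not None and host_ns.get(n) == proc_ns.get(n))

def parse_cgroup(text):
    """Parse cgroup v1 lines 'id:controller[,controller]:path' into a dict."""
    membership = {}
    for line in text.strip().splitlines():
        _, controllers, path = line.strip().split(":", 2)
        for controller in filter(None, controllers.split(",")):
            membership[controller] = path
    return membership

def root_cgroup_controllers(membership):
    """Controllers for which the process still sits in the root cgroup '/'."""
    return sorted(c for c in CONTROLLERS if membership.get(c, "/") == "/")

# Constructed sample data: a host init process and a container process that
# shares the host network namespace and was never placed in a blkio cgroup.
HOST_NS = {"pid": "pid:[4026531836]", "net": "net:[4026531992]",
           "user": "user:[4026531837]", "mnt": "mnt:[4026531840]"}
CONTAINER_NS = {"pid": "pid:[4026532280]", "net": "net:[4026531992]",
                "user": "user:[4026532278]", "mnt": "mnt:[4026532277]"}
CONTAINER_CGROUP = """\
4:memory:/docker/c0ffee
3:cpu,cpuacct:/docker/c0ffee
2:blkio:/
"""
if __name__ == "__main__":
    print("shared with host:", shared_namespaces(HOST_NS, CONTAINER_NS))
    print("no cgroup for:", root_cgroup_controllers(parse_cgroup(CONTAINER_CGROUP)))
    print("this process:", read_namespaces())
```

On a live Linux host, pass the output of `read_namespaces(1)` and `read_namespaces(<container pid>)` to `shared_namespaces` instead of the constructed dictionaries; reading another process's namespace links usually requires root.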

With Docker you can set up live server-like environments for local development of apps. This enables running more apps on the same servers used before, and also makes the packaging and shipping of programs very easy. It makes it possible to run as many as four to six times the number of server application instances as you can using Xen or KVM VMs on the same hardware. While hypervisors can use different operating systems or kernels, containers share the host operating system, and that makes them much more efficient in terms of system resources. Instead of the hardware being virtualized, containers work on top of a single Linux instance. Other companies, like Parallels, Google and Docker, have been working on open-source projects such as OpenVZ and LXC (Linux Containers) to ensure that containers work well and securely. Oracle Solaris developed a similar concept called Zones. It allows users to run apps in a sandbox, separating them from one another. The FreeBSD Jail had access to the operating system kernel and to a very limited set of other system resources. Although containers have mostly come into use in the last few years, the idea and concept date back to at least the year 2000 and FreeBSD Jails.
