我一直在阅读很多关于Docker容器和Unikernels以及如何使用我自己的应用程序运行轻量级环境。
我理解Linux容器和Unikernel是不同的东西,因为第一个是与主机操作系统共享资源的内核功能(如命名空间,cgroup等)的实现,后者是围绕应用程序构建的独立专用库操作系统。
但后来我偶然发现了Dockerhub中的Alpine linux派生图像。 它们非常轻巧,非常专业。 但他们是否运行相同的LXC / runc功能?
是否可以使用Docker在虚拟机管理程序实现下运行unikernel?
阿尔卑斯山图像与其他图像有何不同?
I've been reading a lot about Docker containers and Unikernels and how to run lightweight environment with my own applications.
I understand that Linux containers and Unikernels are different things, as the first are implementations of kernel features (such as namespaces, cgroups, etc) sharing resources with the host's OS, and the later are independent specialised library operating systems built around applications.
But then I've stumbled upon Alpine linux derived images in Dockerhub. They are very lightweight and very specialized. But do they run around the same LXC/runc features?
Is it possible to run a unikernel under a hypervisor implementation using Docker?
What is the diference between Alpine images and the others?
最满意答案
我不熟悉unikernel,但我可以尝试回答你的最后一个问题:
大多数Docker镜像都是基于Ubuntu,主要区别在于图像的大小,而Ubuntu图像有183MB,而Alpine只有4,5MB。
因此,Alpine具有较低的攻击面,专为安全性而设计: http : //www.alpinelinux.org/about/
Alpine Linux的设计考虑了安全性
我认为Alpine Linux Images运行在相同的LXC / runc功能上。
I am not very familar with unikernels but i can try to answer your last question:
Most of the Docker images are based on Ubuntu, the main difference is the size of the image, while a Ubuntu image has 183MB a Alpine has only 4,5MB.
Therefor the Alpine has a lower attack surface and is designed for security look here: http://www.alpinelinux.org/about/
Alpine Linux was designed with security in mind
The Alpine Linux Images run on the same LXC/runc features i think.
更多推荐
发布评论