Docker学习笔记
2019-06-02 本文已影响0人
无知者云
- The bridged network is the default choice unless otherwise specified. In this mode, the container has its own networking namespace and is then bridged via virtual interfaces to the host (or node in the case of K8s) network.
- In a default Linux installation, the client talks to the daemon via a local IPC/Unix socket at /var/run/docker.sock.
- runc is the reference implementation of the OCI container- runtime-spec,runc is a small, lightweight CLI wrapper for libcontainer
- In the Docker engine stack, containerd sits between the daemon and runc at the OCI layer. Kubernetes can also use containerd via cri-containerd.
- Containerd's sole purpose in life was to manage container lifecycle operations — start | stop | pause | rm....
- The daemon communicates with containerd via a CRUD-style API over gRPC18.
- Despite its name, containerd cannot actually create containers. It uses runc to do that. It converts the required Docker image into an OCI bundle and tells runc to use this to create a new container.
- If you are building Linux images, and using the apt package manager, you should use the no-install-recommends flag with the apt-get install command.
- In terms of Docker constructs, a Pod is modelled as a group of Docker containers with shared namespaces and shared filesystem volumes.
- If that Pod is deleted for any reason, even if an identical replacement is created, the related thing (e.g. volume) is also destroyed and created anew.
- Containers within the Pod see the system hostname as being the same as the configured name for the Pod.
