Hic articulus disseret quomodo operatur et erit etiam practica pars cum nexu Docker.
De quaestionibus communibus cum Docker eorumque solutionibus iam hodie exsecutionem ex Kata Continentibus breviter describemus. Kata Vasa secura est continens runtime nixum in machinis virtualibus leve. Operatio cum illis eadem est ac cum aliis vasis, sed praeterea locupletior est solitudo usus technologiae ferrariae virtualizationis. Proiectum anno 2017 incepit, cum communitas eiusdem nominis merger optimarum notionum ex Intel continentibus Serenis et Hyper.sh RunV perfecit, post quod opus in subsidiis variis architecturis, inclusis AMD64, ARM, IBM pβ et z. -series. Accedit opus intra hypervisores QEMU, Firecracker, et etiam integratio cum continenti sustentatur. In codice is available at sub licentia MIT.
Res maiora
- Laborans cum nucleo separato, ita reticulum, memoriam et I/O solitudinem praebens, usum hardware solitarii in virtualis extensionibus cogere potest.
- Support industriae signa inter OCI (continens forma), Kubernetes CRI
- Constans observantia continentium regularium Linux, solitudo absque activitate capitis VMs regularis
- Eliminare necessitatem currendi continentia intus plenae armaturae virtualis machinis plenae, interfaces genericas integrationem et deductionem simpliciorem reddere
occasum
Sunt optiones institutionis, ex repositoriis institutiones considerabo, in Cento 7 operante rationi fundata.
maximus: Kata Vasorum opus ferramentis tantum sustinetur, virtualisatio procuret non semper operari, etiam opus sse4.1 firmamentum processus a.
Installing Kata Vasis satis simplex est;
Install utilitates ad operandum cum repositoriis:
# yum -y install yum-utilsInactivare Selinux (rectius est configurare, sed pro simplici hoc disable);
# setenforce 0
# sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/configConiungimus repositio et institutionem praestare
# source /etc/os-release
# ARCH=$(arch)
# BRANCH="${BRANCH:-stable-1.10}"
# yum-config-manager --add-repo "http://download.opensuse.org/repositories/home:/katacontainers:/releases:/${ARCH}:/${BRANCH}/CentOS_${VERSION_ID}/home:katacontainers:releases:${ARCH}:${BRANCH}.repo"
# yum -y install kata-runtime kata-proxy kata-shimtionibus
Ut opus cum donario instituam, eius institutio typica est, non dicam fusius:
# rpm -qa | grep docker
docker-ce-cli-19.03.6-3.el7.x86_64
docker-ce-19.03.6-3.el7.x86_64
# docker -v
Docker version 19.03.6, build 369ce74a3cMutationes facimus daemon.json:
# cat <<EOF > /etc/docker/daemon.json
{
"default-runtime": "kata-runtime",
"runtimes": {
"kata-runtime": {
"path": "/usr/bin/kata-runtime"
}
}
}
EOFSileo docker:
# service docker restarteget reprehendo
Si continens incipias antequam donarium sileo, videre potes unamem versionem nuclei currens in principali systemate dabit;
# docker run busybox uname -a
Linux 19efd7188d06 3.10.0-1062.12.1.el7.x86_64 #1 SMP Tue Feb 4 23:02:59 UTC 2020 x86_64 GNU/LinuxPost sileo, versio nucleus huius modi similis est:
# docker run busybox uname -a
Linux 9dd1f30fe9d4 4.19.86-5.container #1 SMP Sat Feb 22 01:53:14 UTC 2020 x86_64 GNU/LinuxPlures iunctos!
# time docker run busybox mount
kataShared on / type 9p (rw,dirsync,nodev,relatime,mmap,access=client,trans=virtio)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
tmpfs on /dev type tmpfs (rw,nosuid,size=65536k,mode=755)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=666)
sysfs on /sys type sysfs (ro,nosuid,nodev,noexec,relatime)
tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,relatime,mode=755)
cgroup on /sys/fs/cgroup/systemd type cgroup (ro,nosuid,nodev,noexec,relatime,xattr,name=systemd)
cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (ro,nosuid,nodev,noexec,relatime,cpu,cpuacct)
cgroup on /sys/fs/cgroup/blkio type cgroup (ro,nosuid,nodev,noexec,relatime,blkio)
cgroup on /sys/fs/cgroup/memory type cgroup (ro,nosuid,nodev,noexec,relatime,memory)
cgroup on /sys/fs/cgroup/devices type cgroup (ro,nosuid,nodev,noexec,relatime,devices)
cgroup on /sys/fs/cgroup/perf_event type cgroup (ro,nosuid,nodev,noexec,relatime,perf_event)
cgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (ro,nosuid,nodev,noexec,relatime,net_cls,net_prio)
cgroup on /sys/fs/cgroup/freezer type cgroup (ro,nosuid,nodev,noexec,relatime,freezer)
cgroup on /sys/fs/cgroup/pids type cgroup (ro,nosuid,nodev,noexec,relatime,pids)
cgroup on /sys/fs/cgroup/cpuset type cgroup (ro,nosuid,nodev,noexec,relatime,cpuset)
mqueue on /dev/mqueue type mqueue (rw,nosuid,nodev,noexec,relatime)
shm on /dev/shm type tmpfs (rw,nosuid,nodev,noexec,relatime,size=65536k)
kataShared on /etc/resolv.conf type 9p (rw,dirsync,nodev,relatime,mmap,access=client,trans=virtio)
kataShared on /etc/hostname type 9p (rw,dirsync,nodev,relatime,mmap,access=client,trans=virtio)
kataShared on /etc/hosts type 9p (rw,dirsync,nodev,relatime,mmap,access=client,trans=virtio)
proc on /proc/bus type proc (ro,relatime)
proc on /proc/fs type proc (ro,relatime)
proc on /proc/irq type proc (ro,relatime)
proc on /proc/sys type proc (ro,relatime)
tmpfs on /proc/acpi type tmpfs (ro,relatime)
tmpfs on /proc/timer_list type tmpfs (rw,nosuid,size=65536k,mode=755)
tmpfs on /sys/firmware type tmpfs (ro,relatime)
real 0m2.381s
user 0m0.066s
sys 0m0.039s# time docker run busybox free -m
total used free shared buff/cache available
Mem: 1993 30 1962 0 1 1946
Swap: 0 0 0
real 0m3.297s
user 0m0.086s
sys 0m0.050sFast onus temptationis
Ad damna virtualizationis aestimanda - Curro sysbench, ut exempla principalia .
Running sysbench using Docker+containerd
Processus test
sysbench 1.0: multi-threaded system evaluation benchmark
Running the test with following options:
Number of threads: 1
Initializing random number generator from current time
Prime numbers limit: 20000
Initializing worker threads...
Threads started!
General statistics:
total time: 36.7335s
total number of events: 10000
total time taken by event execution: 36.7173s
response time:
min: 3.43ms
avg: 3.67ms
max: 8.34ms
approx. 95 percentile: 3.79ms
Threads fairness:
events (avg/stddev): 10000.0000/0.00
execution time (avg/stddev): 36.7173/0.00RAM test
sysbench 1.0: multi-threaded system evaluation benchmark
Running the test with following options:
Number of threads: 1
Initializing random number generator from current time
Initializing worker threads...
Threads started!
Operations performed: 104857600 (2172673.64 ops/sec)
102400.00 MiB transferred (2121.75 MiB/sec)
General statistics:
total time: 48.2620s
total number of events: 104857600
total time taken by event execution: 17.4161s
response time:
min: 0.00ms
avg: 0.00ms
max: 0.17ms
approx. 95 percentile: 0.00ms
Threads fairness:
events (avg/stddev): 104857600.0000/0.00
execution time (avg/stddev): 17.4161/0.00Running sysbench using Docker+Kata Containers
Processus test
sysbench 1.0: multi-threaded system evaluation benchmark
Running the test with following options:
Number of threads: 1
Initializing random number generator from current time
Prime numbers limit: 20000
Initializing worker threads...
Threads started!
General statistics:
total time: 36.5747s
total number of events: 10000
total time taken by event execution: 36.5594s
response time:
min: 3.43ms
avg: 3.66ms
max: 4.93ms
approx. 95 percentile: 3.77ms
Threads fairness:
events (avg/stddev): 10000.0000/0.00
execution time (avg/stddev): 36.5594/0.00RAM test
sysbench 1.0: multi-threaded system evaluation benchmark
Running the test with following options:
Number of threads: 1
Initializing random number generator from current time
Initializing worker threads...
Threads started!
Operations performed: 104857600 (2450366.94 ops/sec)
102400.00 MiB transferred (2392.94 MiB/sec)
General statistics:
total time: 42.7926s
total number of events: 104857600
total time taken by event execution: 16.1512s
response time:
min: 0.00ms
avg: 0.00ms
max: 0.43ms
approx. 95 percentile: 0.00ms
Threads fairness:
events (avg/stddev): 104857600.0000/0.00
execution time (avg/stddev): 16.1512/0.00In principio, res iam clara est, sed melius est ut pluries expertus sit currere, removere manes et fere eventus, ideo non magis probat adhuc.
Inventiones
Quamquam huiusmodi continentia circiter quinque ad decem tempora longiora surgunt (tempus typice currunt cum mandatis similibus cum utendo continenti minus quam tertiae partis secundae), tamen satis cito laborant si tempus absolutum sumamus (ibi. sunt exempla supra, mandata in mediocris trium secundarum faciendarum). Bene, eventus celeris experimenti CPU et RAM eosdem fere eventus ostendunt, qui non possunt non gaudere, praesertim lumine facto quod solitudo praebetur utendo tam bene currendi mechanismo sicut kvm.
nuntius
Articulus est review, sed dat occasionem ut runtime sentiendi. Multis locis applicationis non operta sunt, exempli gratia, situs describit facultatem Kubernetes super Kata Continentes currere. Accedit, etiam series testium currere potes ad difficultates securitatis inveniendas, restrictiones et alia iucunda.
Quaero omnes, qui hic legerunt et revolvunt, ut percontationi intersint, unde futurae publicationes de hoc argumento pendent.
Tantum usores descripserunt in aliquet participare possunt. Te gratissimum esse.
Egone pergo vasa de Kata Vasis evulgare?
-
80,0%Ita scribe plura! 28
-
20,0%Non, ne 7
35 utentes censuerunt. 7 Utentes abstinuerunt.
Source: www.habr.com