Home > Enterprise >  Docker, what is running command inside container vs outside
Docker, what is running command inside container vs outside

Time:10-05

I am new to docker and I am working with developers with another company. I believe they are new to docker as well. I have one developer asking me if "I'm running the command inside or outside the docker container" or "if I am creating a new branch outside of the container".

Can someone help clarify this meaning of inside or outside of the container?

I can't seem to understand, I searched online and I don't seem to find anything on the term inside or outside for running commands or anything else similar.

CodePudding user response:

Yes, it is normal (Docker uses the kernel on the host, and not its own, you will see it in ps command on the host.) to see the processes running "inside" the docker container in your host (if you check the running processes with top or ps commands). Try to run pstree in that way you will see all your running processes as a child of containerd.

The process running inside a container is just a regular process. In most ways it is no different than a regular process running outside a container. Docker uses namespaces and cgroups to isolate processes from the rest of the system.

Namespaces and cgroups are abstractions that allow the kernel to isolate processes.

The docker daemon is just a process that makes putting other processes inside namespaces/cgroups convenient.

CodePudding user response:

A docker file is a description of what you would like Linux to look like for a specific application. That is, without anything that application doesn't need, and all the tools and libraries it uses already installed. Specialty docker files for e.g a database or web server can be included, simplifying it the definition.

A Docker image is basically applying all the specifications from a docker file. That is, a file system is set up, and all the software specified in the docker file is installed into this file system as if it were real Linux.

A docker container is basically booting the image file, so all the start scripts are executed and there will be all the expected processes running by the time it finishes. Any software it runs will think it's running on Linux booted on a stand-alone machine. Except everything it does only happens within the container. If a file is written, it's written only to the container's file system, which is a chunk of space borrowed from the actual file system.

Normally you also need to specify what should run inside the container, otherwise once it boots, it has nothing more to do, so stops. Once it stops, the memory and file space is deallocated so everything done inside disappears.

You could start a web server running a service, or a shell you can interact with, and so on. You also usually want to be able to connect to the network outside the container, read or write files outside files, and so on. You can map real world things to the container (e.g port 8080 in the container maps to port 18080 in actual Linux, /tmp/scratch maps to /tmp/scratch in the container, and so on).

You can also start another process running in the container with the exec command. You can map the input and output to your terminal and start bash for example.

Finally you can stop the container, and everything inside will stop running, and all the memory and files will be deallocated.

Page link:https//www.codepudding.com/Enterprise/565536.html

Prev:Cannot connect to volume in Docker (Windows)
Next:docker image is not rebuilt automatically on file change
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding