Home >Operation and Maintenance >Docker >Is there a performance hit with Docker?

Is there a performance hit with Docker?

Guanhui
GuanhuiOriginal
2020-06-11 10:52:5812903browse

Is there a performance hit with Docker?

Is there a performance penalty for Docker?

Docker has a performance loss, but it is very small. Compared with Docker’s excellent functions, this performance loss is negligible. Docker is an open source application container engine that allows developers to package The application is put into a container and then published to run on any popular Linux machine.

Docker

Docker is an open source application container engine that allows developers to package their applications and dependencies into a Portable containers are then published to any popular Linux machine or Windows machine, and virtualization can also be achieved. The containers completely use the sandbox mechanism and will not have any interfaces with each other.

A complete Docker consists of the following parts:

  • DockerClient client

  • Docker Daemon daemon process

  • Docker Image

  • DockerContainer Container

##Docker Principle

The core problem Docker solves is to use LXC to implement VM-like functions, thereby using more economical hardware resources to provide users with more computing resources. Different from the VM method, LXC is not a set of hardware virtualization methods - it cannot be classified into any of full virtualization, partial virtualization and paravirtualization, but an operating system level virtualization method, which may not be easy to understand. Not as intuitive as VM. So we start from the problems that docker needs to solve from virtualization to see how it meets the virtualization needs of users.

Users need to consider virtualization methods, especially hardware virtualization methods, which mainly need to solve the following 4 problems:

  • Isolation-each user Instances are isolated from each other and do not affect each other. The method given by the hardware virtualization method is VM, the method given by LXC is container, and the more detailed method is kernel namespace

  • Quota/measurable - each user instance can be on-demand Providing its computing resources, the resources used can be measured. The hardware virtualization method can be easily implemented because it virtualizes the CPU and memory. LXC mainly uses cgroups to control resources

  • Mobility - User instances can be easily copied, moved and rebuilt . The hardware virtualization method provides snapshots and images for implementation, and docker (mainly) uses AUFS to achieve

  • security - this topic is relatively big, and the emphasis here is to try to protect the container from the perspective of the host. In the hardware virtualization method, because the level of virtualization is relatively high, user processes are translated and run in virtual machine containers such as KVM. However, for LXC, the user process is a child process of the lxc-start process, only in the namespace of the Kernel. Isolated, so some kernel patches are needed to ensure that the user's operating environment will not be maliciously intruded from the host. Dotcloud (mainly) uses the kernel grsec patch to solve the problem.


Recommended tutorial: "

Docker"

The above is the detailed content of Is there a performance hit with Docker?. For more information, please follow other related articles on the PHP Chinese website!

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn