2

How the process task structure is different in both docker and the host process any specific module is differed in docker apart from host?

NoNaMe
  • 6,020
  • 30
  • 82
  • 110
Sowndarya K
  • 399
  • 5
  • 17

1 Answers1

2

Since processed are represented in kernel by structure called ‘task_struct', that structure is the same in a container.

A container is based on system calls to the host kernel, and any kernel-related structure comes directly from said kernel.

See "Architecting Containers: Why Understanding User Space vs. Kernel Space Matters"

A typical program gets access to resources in the kernel through layers of abstraction similar to the following diagram:

https://rhelblog.files.wordpress.com/2015/07/user-space-vs-kernel-space-system-calls-gears.png?w=300

The kernel provides abstraction for security, hardware, and internal data structures. The open() system call is commonly used to get a file handle

Notice in the following drawing that bash makes a getpid() call which requests its own process identity.
Also, notice that the cat command requests access to /etc/hosts with a file open() call.

https://rhelblog.files.wordpress.com/2015/07/user-space-vs-kernel-space-basic-system-calls.png?w=584&h=219

Community
  • 1
  • 1
VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250
  • Is there any link that provides in detail of this system calls from containers are passed to host kernel? – Sowndarya K Oct 14 '15 at 05:22
  • @SowndaryaK Yes, I have edited the answer with such a link. – VonC Oct 14 '15 at 07:04
  • 1
    @SowndaryaK see also http://rhelblog.redhat.com/2015/09/17/architecting-containers-part-2-why-the-user-space-matters-2/ – VonC Oct 14 '15 at 07:06