Merge pull request #477 from caisah/patch-2

Fix typo in english/basic_concept/container.md
This commit is contained in:
Kang Huaishuai 2020-11-15 20:45:31 +08:00 committed by GitHub
commit dc0f1223a0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -2,7 +2,7 @@
The relationship between `Image` and `Container` is just as `Class` and `Instance` in [OOP](https://en.wikipedia.org/wiki/Object-oriented_programming). `Image` is the static definition of `container`, while `containers` are the `images` in running state. `Containers` can be created, started, paused, deleted or stopped. The relationship between `Image` and `Container` is just as `Class` and `Instance` in [OOP](https://en.wikipedia.org/wiki/Object-oriented_programming). `Image` is the static definition of `container`, while `containers` are the `images` in running state. `Containers` can be created, started, paused, deleted or stopped.
The essence of `container` is `process`, but different from that in the host OS, the container processes run in their individual [`namespaces`](https://en.wikipedia.org/wiki/Linux_namespaces). With the namespace, a container can have its own `root` filesystem, network configurations, process space and even an ID sapce for users. The processes in a container run in an isolated environment, thus can be used as if it were an individual OS independent of the host OS. This feature makes docker-encapsulated applications safer than those running directly on the host. And that's also an important factor that confuses the novices to tell it from virtual machines. The essence of `container` is `process`, but different from that in the host OS, the container processes run in their individual [`namespaces`](https://en.wikipedia.org/wiki/Linux_namespaces). With the namespace, a container can have its own `root` filesystem, network configurations, process space and even an ID space for users. The processes in a container run in an isolated environment, thus can be used as if it were an individual OS independent of the host OS. This feature makes docker-encapsulated applications safer than those running directly on the host. And that's also an important factor that confuses the novices to tell it from virtual machines.
As we've discussed, `multi-layered filesystem` is applied to images, and so as the containers. When a container is running, it is based on its image, with a writable layer created on top of it. We call this layer prepared for R/W at runtime [**`Container Layer`**](https://docs.docker.com/storage/storagedriver/#images-and-layers). As we've discussed, `multi-layered filesystem` is applied to images, and so as the containers. When a container is running, it is based on its image, with a writable layer created on top of it. We call this layer prepared for R/W at runtime [**`Container Layer`**](https://docs.docker.com/storage/storagedriver/#images-and-layers).