![]() ![]() Exited is the state of the file system and its exit value is preserved. In the running state, container includes a tree of processes running on the CPU, isolated from the other processes running on the host. Containers has two states running state and exited state. This read-write layer, information of its Parent Image, networking configuration, resource limits and unique id is called a Container. Then the Union File System adds a read-write layer on top. In all cases this overhead is around 59 milliseconds, except for container c4 (i.e., for the Debian container inside the Ubuntu container) where the overhead is around 30 seconds.When you start a container from the Base image using Docker, Docker fetches the image and its parent image, and repeats the process until it reaches the Base image. It is expected that the second command takes more time due to the overhead of the su command. Measuring how long su takesįor each container I measure the time required for the command su with the following commands (where user is either ubuntu or debian): time pwd In Ubuntu containers is not needed to create a non-root user because the ubuntu user is already defined. In the Debian containers, I created non-root user debian with the following command: adduser -home /home/debian -gecos Debian -disabled-password debian Then, inside container c1, I created two nested containers: lxd init Then, I created two containers as follows: lxc launch ubuntu:20.04 c1 -c security.nesting=true ![]() ![]() I use the system apt packages ( lxd and lxd-client) to install LXD. I have set up LXD containers in an Ubuntu 18.04 machine to use nested containers (as is described in ). Does anyone have any explanation for this? Next I describe how to reproduce this issue. ![]() This overhead does not occur Debian containers that are not nested, nor in Ubuntu containers nested into an Ubuntu container. I observed that the command su takes too long (30 seconds) when it is executed in a LXD Debian container that is nested into an Ubuntu LXD container. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |