CN106060122A - Docker container uploading/downloading feature control method and device - Google Patents

Docker container uploading/downloading feature control method and device Download PDF

Info

Publication number
CN106060122A
CN106060122A CN201610340995.5A CN201610340995A CN106060122A CN 106060122 A CN106060122 A CN 106060122A CN 201610340995 A CN201610340995 A CN 201610340995A CN 106060122 A CN106060122 A CN 106060122A
Authority
CN
China
Prior art keywords
docker container
described
download
microsoft loopback
loopback adapter
Prior art date
Application number
CN201610340995.5A
Other languages
Chinese (zh)
Other versions
CN106060122B (en
Inventor
元哲伟
Original Assignee
北京奇虎科技有限公司
奇智软件(北京)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 北京奇虎科技有限公司, 奇智软件(北京)有限公司 filed Critical 北京奇虎科技有限公司
Priority to CN201610340995.5A priority Critical patent/CN106060122B/en
Publication of CN106060122A publication Critical patent/CN106060122A/en
Application granted granted Critical
Publication of CN106060122B publication Critical patent/CN106060122B/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L29/00Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00
    • H04L29/02Communication control; Communication processing
    • H04L29/06Communication control; Communication processing characterised by a protocol
    • H04L29/08Transmission control procedure, e.g. data link level control procedure
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network-specific arrangements or communication protocols supporting networked applications
    • H04L67/06Network-specific arrangements or communication protocols supporting networked applications adapted for file transfer, e.g. file transfer protocol [FTP]

Abstract

The invention discloses a Docker container uploading/downloading feature control method and device. The method comprises: starting the creation of a Docker container; and creating a virtual network card pair for the Docker container, the virtual network card pair forming a data channel connecting the Docker container with a host machine; wherein in a process of creating the virtual network card pair, uploading feature parameters of the Docker container are set in the naming space of the Docker container, and downloading feature parameters of the Docker container are set in the naming space of the host machine. Uploading and downloading feature parameters are set, so that in a Docker container operation process, data is uploaded/download in strict accordance with the feature parameters, and thereby the network flow of the Docker container is effectively controlled in double directions.

Description

Control method and the device of characteristic is uploaded/downloaded to Docker container

Technical field

The present invention relates to technical field of the computer network, be specifically related to a kind of Docker container and upload/download the control of characteristic Method and device processed.

Background technology

Docker is an application container engine increased income, allow developer can pack they application and rely on bag arrive In one transplantable container, then it is published on any popular Linux machine, it is also possible to realize virtualization.Docker holds Device is to use sandbox mechanism completely, does not the most have any interface.Almost without performance cost, can be easily at machine Device and data center run.The most important thing is, they do not rely on any language, framework includes system.Docker can be right Realize a lot of resource isolation, such as CPU, core binding, priority, internal memory etc., but network traffics (the most two-way) be there is no very good Method for limiting.

Providing a kind of method limiting Docker capacitor network flow in prior art, it uses flow control tool to exist On host, the Microsoft Loopback Adapter to Docker container limits, but the method can only be to the network flow of all Docker containers Amount is unidirectionally controlled.And the corresponding relation of Docker container and Microsoft Loopback Adapter can be obtained currently without reliable method, therefore, Do not have a kind of effective technological means to upload/download two-way characterisitic parameter to single Docker container to be controlled.

Summary of the invention

In view of the above problems, it is proposed that the present invention in case provide one overcome the problems referred to above or at least in part solve on Control method and the device of characteristic is uploaded/downloaded to the Docker container stating problem.

According to an aspect of the invention, it is provided the control method of characteristic is uploaded/downloaded to a kind of Docker container, its bag Include:

Start the establishment of Docker container;

For described Docker container create Microsoft Loopback Adapter pair, described Microsoft Loopback Adapter to composition connect described Docker container and The data channel of host;

Wherein, above-mentioned establishment Microsoft Loopback Adapter to during, in the NameSpace of described Docker container, institute is set That states Docker container uploads characterisitic parameter, and the download arranging described Docker container in the NameSpace of described host is special Property parameter.

According to a further aspect in the invention, it is provided that the control device of characteristic is uploaded/downloaded to a kind of Docker container, its bag Include:

Start module, be suitable to start the establishment of Docker container;

Network interface card creation module, is suitable for described Docker container and creates Microsoft Loopback Adapter pair, and described Microsoft Loopback Adapter is to composition even Connect described Docker container and the data channel of host;

First arranges module, be suitable to above-mentioned establishment Microsoft Loopback Adapter to during, in the name of described Docker container Arrange described Docker container in space uploads characterisitic parameter;

Second arranges module, be suitable to above-mentioned establishment Microsoft Loopback Adapter to during, at the NameSpace of described host The download characterisitic parameter of described Docker container is inside set.

Upload/download specific control method according to the Docker container that the present invention provides, create Docker appearance starting After device, create Microsoft Loopback Adapter to during, arrange Docker container in the NameSpace of Docker container uploads spy Property parameter, arranges the download characterisitic parameter of Docker container in the NameSpace of host.Uploaded by setting and download two The characterisitic parameter in individual direction so that in Docker container running, will carry out uploading data in strict accordance with these characterisitic parameters With download data, so that the network traffics of Docker container have obtained effective control, and it is all to obtain on two-way Effective control.

Described above is only the general introduction of technical solution of the present invention, in order to better understand the technological means of the present invention, And can be practiced according to the content of description, and in order to allow above and other objects of the present invention, the feature and advantage can Become apparent, below especially exemplified by the detailed description of the invention of the present invention.

Accompanying drawing explanation

By reading the detailed description of hereafter preferred implementation, various other advantage and benefit common for this area Technical staff will be clear from understanding.Accompanying drawing is only used for illustrating the purpose of preferred implementation, and is not considered as the present invention Restriction.And in whole accompanying drawing, it is denoted by the same reference numerals identical parts.In the accompanying drawings:

Fig. 1 shows that the stream of the control method of characteristic is uploaded/downloaded to Docker container according to an embodiment of the invention Journey schematic diagram;

Fig. 2 shows that the control method of characteristic is uploaded/downloaded to Docker container in accordance with another embodiment of the present invention Schematic flow sheet;

Fig. 3 shows that the knot controlling device of characteristic is uploaded/downloaded to Docker container according to an embodiment of the invention Structure block diagram.

Detailed description of the invention

It is more fully described the exemplary embodiment of the disclosure below with reference to accompanying drawings.Although accompanying drawing shows the disclosure Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure and should be by embodiments set forth here Limited.On the contrary, it is provided that these embodiments are able to be best understood from the disclosure, and can be by the scope of the present disclosure Complete conveys to those skilled in the art.

Fig. 1 shows that the stream of the control method of characteristic is uploaded/downloaded to Docker container according to an embodiment of the invention Journey schematic diagram.As it is shown in figure 1, the method comprises the steps:

Step S101, starts the establishment of Docker container.

Before starting the establishment of Docker container, first start Docker host, host creates a name For the virtual bridge of docker0, it has connected other physics or Microsoft Loopback Adapter at inner nuclear layer so that the Docker of follow-up startup Container can be connected on this virtual bridge, and then all Docker containers and local host are all put into same physical network In.The working method of virtual bridge is similar with physical switches, and all containers on host can be made just to be connected in by switch In one double layer network.Generally, Docker acquiescence specifies IP address and the subnet mask of docker0 interface, allows host And can be in communication with each other by virtual bridge between Docker container, flow to network traffics relevant for Docker and all can pass through Docker0.Docker can from the private ip network segment defined in RFC1918, select an IP address different with host and Subnet mask allocation is to docker0.Such as, general Docker can use this network segment of 172.17.0.0/16, and will 172.17.42.1/16 distribute to docker0 bridge (using ifconfig order on main frame is it can be seen that docker0, It is believed that it is the management interface of bridge, host uses as one piece of Microsoft Loopback Adapter).Create at virtual bridge Afterwards, it is possible to start the establishment of Docker container.

Step S102, for Docker container create Microsoft Loopback Adapter pair, this Microsoft Loopback Adapter to composition connect Docker container and The data channel of host.Wherein, create Microsoft Loopback Adapter to during, in the NameSpace of Docker container arrange Docker container upload characterisitic parameter, the download characterisitic parameter of Docker container is set in the NameSpace of host.

Step S102 is the subprocess during the establishment of Docker container.In general, each Docker container is Setting up from mirror image, first pull ubuntu ((SuSE) Linux OS based on desktop application) mirror image, Docker checks Whether ubuntu mirror image exists, if not this mirror image in this locality, Docker can download from Docker Hub.If mirror image is Existing, Docker can use it to create new container.Then, distribution file system and one read-write layer of carry, Docker container can create in this file system, and a read-write layer is added in mirror image.Then, for Docker container creates Microsoft Loopback Adapter pair, and this Microsoft Loopback Adapter connects Docker container and the data channel of host to composition, The above-mentioned network segment that Docker selects select a unappropriated IP address for Docker container.Then, operation is specified Program.Finally, capture and application output is provided.

Wherein create Microsoft Loopback Adapter to particularly as follows: create a pair Microsoft Loopback Adapter veth pair equipment on host, they The passage of one data of composition, data enter from an equipment, from another equipment out.Docker is by veth pair equipment One end be placed in newly created Docker container, and named eth0.The other end is placed in host, and is set by this network For joining in docker0 virtual bridge.From docker0 subnet, distribute an IP use to Docker container, and arrange The default gateway that IP address is container of docker0.

The embodiment of the present invention is in order to be able to realize uploading Docker container/download effective control of two-way characterisitic parameter System, create Microsoft Loopback Adapter to during, arrange Docker container in the NameSpace of Docker container uploads characteristic Parameter, arranges the download characterisitic parameter of Docker container in the NameSpace of host.

The process run in process performed in Docker container and host operating system or operate in other Process in Docker container is separate.But, all of process is all to operate in identical kernel.Docker comes There is provided independent NameSpace to each container, when creating a Docker container, create a life for this container simultaneously Name space set.Which providing a sealing coat, each is applied operation in the NameSpace of themselves and will not Have access to outside NameSpace.The NameSpace set of Docker container comprises:

PID NameSpace: use at process isolation (PID:Process ID);

NET NameSpace: use in management network interface (NET:Networking);

IPC NameSpace: use the communication resource (IPC:InterProcess Communication) between managing process;

MNT NameSpace: use in management mount point (MNT:Mount);

UTS NameSpace: use at isolation kernel and version identifier (UTS:Unix Timesharing System).

The embodiment of the present invention, during Docker container creates, sets ginseng in the NameSpace of Docker container Number, once Docker container has created, and Docker container just runs program according to the parameter set in NameSpace, it is impossible to again Change these parameters.Specifically, the embodiment of the present invention arranges uploading of Docker container in the NameSpace of Docker container Characterisitic parameter, arranges the download characterisitic parameter of Docker container in the NameSpace of host.Such as, name at above-mentioned IPC It is set in space.Wherein set characterisitic parameter of uploading includes but are not limited to uploading speed;Set download is special Property parameter includes but are not limited to speed of download.By setting uploading speed and speed of download, at Docker container running In, will carry out uploading data and downloading data in strict accordance with these parameters, and so make the network traffics of Docker container obtain Effective control, and be on two-way, be obtained for effectively control.

Specific control method is uploaded/downloaded to the Docker container provided according to embodiments of the present invention, creates starting After Docker container, create Microsoft Loopback Adapter to during, Docker container is set in the NameSpace of Docker container Upload characterisitic parameter, the download characterisitic parameter of Docker container is set in the NameSpace of host.Uploaded by setting With the characterisitic parameter downloading both direction so that in Docker container running, will carry out in strict accordance with these characterisitic parameters Upload data and download data, so that the network traffics of Docker container have obtained effective control, and being two-way On be obtained for effectively control.

Fig. 2 shows that the control method of characteristic is uploaded/downloaded to Docker container in accordance with another embodiment of the present invention Schematic flow sheet.As in figure 2 it is shown, the method comprises the steps:

Step S201, starts the establishment of Docker container.

Before starting the establishment of Docker container, first start Docker host, host creates a name For the virtual bridge of docker0, it has connected other physics or Microsoft Loopback Adapter at inner nuclear layer so that the Docker of follow-up startup Container can be connected on this virtual bridge, and then all Docker containers and local host are all put into same physical network In.The working method of virtual bridge is similar with physical switches, and all containers on host can be made just to be connected in by switch In one double layer network.Generally, Docker acquiescence specifies IP address and the subnet mask of docker0 interface, allows host And can be in communication with each other by virtual bridge between Docker container, flow to network traffics relevant for Docker and all can pass through Docker0。

Owing to it is contemplated that during the establishment of Docker container, proposing to improve to prior art, virtual bridge It is created as preliminary preparation, refers to the way of prior art, this is not described in detail.

Step S202, starts and creates Microsoft Loopback Adapter pair for Docker container.

Creating Microsoft Loopback Adapter pair for Docker container, one Microsoft Loopback Adapter of Microsoft Loopback Adapter centering is inserted in Docker container, Another Microsoft Loopback Adapter is inserted in virtual bridge so that Docker container and host by Microsoft Loopback Adapter to uploading/under Carry communication.Detailed process is: create a pair Microsoft Loopback Adapter veth pair equipment on host, they one data of composition Passage, data enter from an equipment, from another equipment out.One end of veth pair equipment is placed on new wound by Docker In the Docker container built, and named eth0.The other end is placed in host, and is joined by this network equipment In docker0 virtual bridge.From docker0 subnet, distribute an IP use to Docker container, and the IP of docker0 is set Address is the default gateway of container.

Step S202 is the subprocess during the establishment of Docker container.

Wherein, create Microsoft Loopback Adapter to during, perform following steps S203-step S205, and step respectively S206-step S208.

Step S203, obtains uploading maximum speed and uploading average speed of setting;

Step S204, utilizes flow control algorithm, uploads maximum speed according to set and upload average speed calculating The described value uploading characterisitic parameter;

Step S205, arranges described Docker container according to above-mentioned result of calculation in the NameSpace of Docker container Upload characterisitic parameter.

The present embodiment is with the difference of above-described embodiment, and the present embodiment the most directly arranges uploading speed, but sets Surely upload maximum speed and upload average speed, then utilize flow control algorithm, according to set upload maximum speed and Upload the value uploading characterisitic parameter described in average speed calculating, arrange in the NameSpace of Docker container according to result of calculation Docker container upload characterisitic parameter, uploading speed is specifically set.

Step S206, obtains the download maximum speed set and downloads average speed;

Step S207, utilizes flow control algorithm, calculates according to set download maximum speed and download average speed The value of described download characterisitic parameter;

Step S208, arranges the download of described Docker container in the NameSpace of host according to above-mentioned result of calculation Characterisitic parameter.

The present embodiment is with the difference of above-described embodiment, and the present embodiment the most directly arranges speed of download, but sets Fix load maximum speed and download average speed, then utilizing flow control algorithm, according to set download maximum speed and Download average speed and calculate the value of described download characterisitic parameter, arrange in the NameSpace of Docker container according to result of calculation The download characterisitic parameter of Docker container, specifically arranges speed of download.

The present embodiment utilizes flow control algorithm, uploads/downloads maximum speed according to set and upload/download average The value of characterisitic parameter is uploaded/downloaded to speed calculation, then arranges uploading/downloading in the NameSpace of correspondence according to result of calculation Characterisitic parameter, compared with above-described embodiment, more motility.

Fig. 3 shows that the knot controlling device of characteristic is uploaded/downloaded to Docker container according to an embodiment of the invention Structure block diagram.As it is shown on figure 3, this device includes: starting module 301, network interface card creation module 302, first arranges module 303, second Module 304 is set.

Start module 301, be suitable to start the establishment of Docker container.

The establishment process of Docker container includes: first pull a ubuntu (Linux operation based on desktop application System) mirror image, Docker checks whether ubuntu mirror image exists, if not this mirror image in this locality, Docker can be from Docker Hub downloads.If mirror image has existed, Docker can use it to create new container.Then, distribute file system and hang Carrying a read-write layer, Docker container can create in this file system, and a read-write layer is added to In mirror image.Then, creating Microsoft Loopback Adapter pair for Docker container, this Microsoft Loopback Adapter connects Docker container and host to composition Data channel, Docker select the above-mentioned network segment in select a unappropriated IP address for Docker container.Connect , run the program specified.Finally, capture and application output is provided.

Network interface card creation module 302, is suitable for Docker container and creates Microsoft Loopback Adapter pair, and composition is connected by Microsoft Loopback Adapter Docker container and the data channel of host.

Network interface card creation module 302 is further adapted for: create Microsoft Loopback Adapter pair, Microsoft Loopback Adapter centering one for Docker container Microsoft Loopback Adapter is inserted in Docker container, and another Microsoft Loopback Adapter is inserted in virtual bridge so that Docker container and host By Microsoft Loopback Adapter to uploading/download communication.Detailed process is: create a pair Microsoft Loopback Adapter veth on host Pair equipment, the passage of they one data of composition, data enter from an equipment, from another equipment out.Docker will One end of veth pair equipment is placed in newly created Docker container, and named eth0.The other end is placed in host, And this network equipment is joined in docker0 virtual bridge.An IP be distributed to Docker container from docker0 subnet Use, and the default gateway that IP address is container of docker0 is set.

First arranges module 303, be suitable to create Microsoft Loopback Adapter to during, in the NameSpace of Docker container Arrange Docker container uploads characterisitic parameter.

Second arranges module 304, be suitable to above-mentioned establishment Microsoft Loopback Adapter to during, in the NameSpace of host The download characterisitic parameter of Docker container is set.

Further, this device also includes: virtual bridge creation module 305, is suitable to create the virtual bridge of host, refers to Determine IP address and the subnet mask of virtual bridge.Virtual bridge creation module 305 creates an entitled docker0 on host Virtual bridge, it has connected other physics or Microsoft Loopback Adapter at inner nuclear layer so that the Docker container of follow-up startup can connect Receive on this virtual bridge, and then all Docker containers and local host are all put in same physical network.Virtual The working method of bridge is similar with physical switches, and all containers on host can be made just to be connected in one two by switch In layer network.Generally, Docker acquiescence specifies IP address and the subnet mask of docker0 interface, allows host and Docker Can be in communication with each other by virtual bridge between container, flowing to network traffics relevant for Docker all can be through Docker0. Docker can select an IP address different with host and subnet mask from the private ip network segment defined in RFC1918 Distribute to docker0.Such as, general Docker can use this network segment of 172.17.0.0/16, and is divided by 172.17.42.1/16 (use ifconfig order on main frame is it can be seen that docker0 to dispensing docker0 bridge, it is believed that it is bridge Management interface, host uses as one piece of Microsoft Loopback Adapter).After virtual bridge has created, it is possible to start The establishment of Docker container.

First arranges module 303 is further adapted for: obtain uploading maximum speed and uploading average speed of setting;Utilize stream Amount control algolithm, according to set upload maximum speed and upload average speed calculate described in upload the value of characterisitic parameter;Depend on Characterisitic parameter is uploaded according to what above-mentioned result of calculation arranged described Docker container in the NameSpace of Docker container.

Second arranges module 304 is further adapted for: obtains the download maximum speed set and downloads average speed;Utilize stream Amount control algolithm, calculates the value of described download characterisitic parameter according to set download maximum speed and download average speed;Depend on The download characterisitic parameter of described Docker container is set in the NameSpace of host according to above-mentioned result of calculation.

The Docker container provided according to embodiments of the present invention is uploaded/is downloaded and specifically controls device, creates starting After Docker container, create Microsoft Loopback Adapter to during, Docker container is set in the NameSpace of Docker container Upload characterisitic parameter, the download characterisitic parameter of Docker container is set in the NameSpace of host.Uploaded by setting With the characterisitic parameter downloading both direction so that in Docker container running, will carry out in strict accordance with these characterisitic parameters Upload data and download data, so that the network traffics of Docker container have obtained effective control, and being two-way On be obtained for effectively control.

Algorithm and display are not intrinsic to any certain computer, virtual system or miscellaneous equipment relevant provided herein. Various general-purpose systems can also be used together with based on teaching in this.As described above, construct required by this kind of system Structure be apparent from.Additionally, the present invention is also not for any certain programmed language.It is understood that, it is possible to use various Programming language realizes the content of invention described herein, and the description done language-specific above is to disclose this Bright preferred forms.

In description mentioned herein, illustrate a large amount of detail.It is to be appreciated, however, that the enforcement of the present invention Example can be put into practice in the case of not having these details.In some instances, it is not shown specifically known method, structure And technology, in order to do not obscure the understanding of this description.

Similarly, it will be appreciated that one or more in order to simplify that the disclosure helping understands in each inventive aspect, exist Above in the description of the exemplary embodiment of the present invention, each feature of the present invention is grouped together into single enforcement sometimes In example, figure or descriptions thereof.But, the method for the disclosure should not be construed to reflect an intention that i.e. required guarantor The application claims feature more more than the feature being expressly recited in each claim protected.More precisely, as following Claims reflected as, inventive aspect is all features less than single embodiment disclosed above.Therefore, The claims following detailed description of the invention are thus expressly incorporated in this detailed description of the invention, the most each claim itself All as the independent embodiment of the present invention.

Those skilled in the art are appreciated that and can carry out the module in the equipment in embodiment adaptively Change and they are arranged in one or more equipment different from this embodiment.Can be the module in embodiment or list Unit or assembly are combined into a module or unit or assembly, and can put them in addition multiple submodule or subelement or Sub-component.In addition at least some in such feature and/or process or unit excludes each other, can use any Combine all features disclosed in this specification (including adjoint claim, summary and accompanying drawing) and so disclosed appoint Where method or all processes of equipment or unit are combined.Unless expressly stated otherwise, this specification (includes adjoint power Profit requires, summary and accompanying drawing) disclosed in each feature can be carried out generation by providing identical, equivalent or the alternative features of similar purpose Replace.

Although additionally, it will be appreciated by those of skill in the art that embodiments more described herein include other embodiments Some feature included by rather than further feature, but the combination of the feature of different embodiment means to be in the present invention's Within the scope of and form different embodiments.Such as, in the following claims, embodiment required for protection appoint One of meaning can mode use in any combination.

The all parts embodiment of the present invention can realize with hardware, or to run on one or more processor Software module realize, or with combinations thereof realize.It will be understood by those of skill in the art that and can use in practice Spy is uploaded/downloaded to the Docker container that microprocessor or digital signal processor (DSP) realize according to embodiments of the present invention The some or all functions of the fixed some or all parts controlled in device.The present invention is also implemented as performing Part or all equipment of method as described herein or device program (such as, computer program and computer journey Sequence product).The program of such present invention of realization can store on a computer-readable medium, or can have one or The form of multiple signals.Such signal can be downloaded from internet website and obtain, or provides on carrier signal, or There is provided with any other form.

The present invention will be described rather than limits the invention to it should be noted above-described embodiment, and ability Field technique personnel can design alternative embodiment without departing from the scope of the appended claims.In the claims, Any reference marks that should not will be located between bracket is configured to limitations on claims.Word " comprises " and does not excludes the presence of not Arrange element in the claims or step.Word "a" or "an" before being positioned at element does not excludes the presence of multiple such Element.The present invention and can come real by means of including the hardware of some different elements by means of properly programmed computer Existing.If in the unit claim listing equipment for drying, several in these devices can be by same hardware branch Specifically embody.Word first, second and third use do not indicate that any order.These word explanations can be run after fame Claim.

Claims (10)

1. a control method for characteristic is uploaded/downloaded to Docker container, comprising:
Start the establishment of Docker container;
Creating Microsoft Loopback Adapter pair for described Docker container, described Microsoft Loopback Adapter connects described Docker container and host to composition The data channel of machine;
Wherein, above-mentioned establishment Microsoft Loopback Adapter to during, arrange described in the NameSpace of described Docker container Docker container upload characterisitic parameter, the download characteristic of described Docker container is set in the NameSpace of described host Parameter.
The control method of characteristic is uploaded/downloaded to Docker container the most according to claim 1, wherein, starts wound described Before building the establishment of Docker container, described method also includes: create the virtual bridge of host, it is intended that the IP ground of virtual bridge Location and subnet mask.
The control method of characteristic is uploaded/downloaded to Docker container the most according to claim 2, wherein, described for described Docker container creates Microsoft Loopback Adapter pair, and described Microsoft Loopback Adapter connects the data of described Docker container and host and leads to composition Road farther includes:
Creating Microsoft Loopback Adapter pair for described Docker container, one Microsoft Loopback Adapter of described Microsoft Loopback Adapter centering inserts described Docker In container, another Microsoft Loopback Adapter is inserted in described virtual bridge so that described Docker container and described host pass through institute State Microsoft Loopback Adapter to uploading/download communication.
4. upload/download the control method of characteristic according to the Docker container described in any one of claim 1-3, wherein, described The characterisitic parameter of uploading arranging described Docker container in the NameSpace of Docker container farther includes:
Obtain uploading maximum speed and uploading average speed of setting;
Utilize flow control algorithm, according to set upload maximum speed and upload average speed calculate described in upload characteristic ginseng The value of number;
Characterisitic parameter is uploaded according to what above-mentioned result of calculation arranged described Docker container in the NameSpace of Docker container.
5. upload/download the control method of characteristic according to the Docker container described in any one of claim 1-3, wherein, described The download characterisitic parameter arranging described Docker container in the NameSpace of host farther includes:
Obtain the download maximum speed set and download average speed;
Utilize flow control algorithm, calculate described download characteristic ginseng according to set download maximum speed and download average speed The value of number;
The download characterisitic parameter of described Docker container is set in the NameSpace of host according to above-mentioned result of calculation.
6. a control device for characteristic is uploaded/downloaded to Docker container, comprising:
Start module, be suitable to start the establishment of Docker container;
Network interface card creation module, is suitable for described Docker container and creates Microsoft Loopback Adapter pair, and described Microsoft Loopback Adapter connects institute to composition State the data channel of Docker container and host;
First arranges module, be suitable to above-mentioned establishment Microsoft Loopback Adapter to during, at the NameSpace of described Docker container Inside arrange described Docker container uploads characterisitic parameter;
Second arranges module, be suitable to above-mentioned establishment Microsoft Loopback Adapter to during, set in the NameSpace of described host Put the download characterisitic parameter of described Docker container.
The control device of characteristic is uploaded/downloaded to Docker container the most according to claim 6, wherein, also includes: virtual net Bridge creation module, is suitable to create the virtual bridge of host, it is intended that the IP address of virtual bridge and subnet mask.
The control device of characteristic is uploaded/downloaded to Docker container the most according to claim 7, and wherein, described network interface card creates Module is further adapted for: create Microsoft Loopback Adapter pair, one virtual net holding of described Microsoft Loopback Adapter centering for described Docker container Entering in described Docker container, another Microsoft Loopback Adapter is inserted in described virtual bridge so that described Docker container and described Host by described Microsoft Loopback Adapter to uploading/download communication.
9. upload/download the control device of characteristic according to the Docker container described in any one of claim 6-8, wherein, described First arranges module is further adapted for: obtain uploading maximum speed and uploading average speed of setting;Utilize flow control algorithm, According to set upload maximum speed and upload average speed calculate described in upload the value of characterisitic parameter;Tie according to above-mentioned calculating Really arrange described Docker container in the NameSpace of Docker container uploads characterisitic parameter.
10. upload/download the control device of characteristic according to the Docker container described in any one of claim 6-8, wherein, described Second arranges module is further adapted for: obtains the download maximum speed set and downloads average speed;Utilize flow control algorithm, The value of described download characterisitic parameter is calculated according to set download maximum speed and download average speed;Tie according to above-mentioned calculating Fruit arranges the download characterisitic parameter of described Docker container in the NameSpace of host.
CN201610340995.5A 2016-05-20 2016-05-20 Docker container uploads/downloads the control method and device of characteristic CN106060122B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610340995.5A CN106060122B (en) 2016-05-20 2016-05-20 Docker container uploads/downloads the control method and device of characteristic

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201610340995.5A CN106060122B (en) 2016-05-20 2016-05-20 Docker container uploads/downloads the control method and device of characteristic
PCT/CN2017/081505 WO2017198035A1 (en) 2016-05-20 2017-04-21 Method and apparatus for controlling uploading/downloading characteristic of docker container

Publications (2)

Publication Number Publication Date
CN106060122A true CN106060122A (en) 2016-10-26
CN106060122B CN106060122B (en) 2019-03-05

Family

ID=57177341

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610340995.5A CN106060122B (en) 2016-05-20 2016-05-20 Docker container uploads/downloads the control method and device of characteristic

Country Status (2)

Country Link
CN (1) CN106060122B (en)
WO (1) WO2017198035A1 (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106506314A (en) * 2016-09-30 2017-03-15 北京赢点科技有限公司 Network high availability method and device based on docker
WO2017198035A1 (en) * 2016-05-20 2017-11-23 北京奇虎科技有限公司 Method and apparatus for controlling uploading/downloading characteristic of docker container
CN107454188A (en) * 2017-08-28 2017-12-08 郑州云海信息技术有限公司 A kind of container creation method and system
CN107666446A (en) * 2017-09-14 2018-02-06 北京京东尚科信息技术有限公司 Downlink traffic, uplink traffic, bidirectional traffics method for limiting and device
CN107678836A (en) * 2017-10-12 2018-02-09 新华三大数据技术有限公司 The test data acquisition methods and device of cluster
WO2019127083A1 (en) * 2017-12-27 2019-07-04 深圳前海达闼云端智能科技有限公司 Network speed limiting method and apparatus, and server

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070130621A1 (en) * 2005-12-06 2007-06-07 Microsoft Corporation Controlling the isolation of an object
US20150256481A1 (en) * 2014-03-06 2015-09-10 Jisto Inc. Elastic Compute Cloud Based On Underutilized Server Resources Using A Distributed Container System
CN105119913A (en) * 2015-08-13 2015-12-02 东南大学 Web server architecture based on Docker and interactive method between modules
CN105490910A (en) * 2014-09-19 2016-04-13 北京奇虎科技有限公司 Network communication method and client

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105376303B (en) * 2015-10-23 2018-11-06 深圳前海达闼云端智能科技有限公司 A kind of Docker realizes system and its communication means
CN106060122B (en) * 2016-05-20 2019-03-05 北京奇虎科技有限公司 Docker container uploads/downloads the control method and device of characteristic

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070130621A1 (en) * 2005-12-06 2007-06-07 Microsoft Corporation Controlling the isolation of an object
US20150256481A1 (en) * 2014-03-06 2015-09-10 Jisto Inc. Elastic Compute Cloud Based On Underutilized Server Resources Using A Distributed Container System
CN105490910A (en) * 2014-09-19 2016-04-13 北京奇虎科技有限公司 Network communication method and client
CN105119913A (en) * 2015-08-13 2015-12-02 东南大学 Web server architecture based on Docker and interactive method between modules

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017198035A1 (en) * 2016-05-20 2017-11-23 北京奇虎科技有限公司 Method and apparatus for controlling uploading/downloading characteristic of docker container
CN106506314A (en) * 2016-09-30 2017-03-15 北京赢点科技有限公司 Network high availability method and device based on docker
CN107454188A (en) * 2017-08-28 2017-12-08 郑州云海信息技术有限公司 A kind of container creation method and system
CN107666446A (en) * 2017-09-14 2018-02-06 北京京东尚科信息技术有限公司 Downlink traffic, uplink traffic, bidirectional traffics method for limiting and device
CN107678836A (en) * 2017-10-12 2018-02-09 新华三大数据技术有限公司 The test data acquisition methods and device of cluster
WO2019127083A1 (en) * 2017-12-27 2019-07-04 深圳前海达闼云端智能科技有限公司 Network speed limiting method and apparatus, and server

Also Published As

Publication number Publication date
CN106060122B (en) 2019-03-05
WO2017198035A1 (en) 2017-11-23

Similar Documents

Publication Publication Date Title
US10289436B1 (en) Automated system and method for extracting and adapting system configurations
US9569198B2 (en) Release lifecycle management system for multi-node application
Pahl Containerization and the paas cloud
US20160371112A1 (en) User interface for managing a distributed virtual switch
AU2015256010B2 (en) Migration of applications between an enterprise-based network and a multi-tenant network
CN105684357B (en) The management of address in virtual machine
US9218176B1 (en) Software deployment in a distributed virtual machine environment
EP2911347B1 (en) Providing policy information
US10467049B2 (en) Virtual machine migration within a hybrid cloud system
US20180336056A1 (en) Automated network configuration of virtual machines in a virtual lab environment
US10461999B2 (en) Methods and systems for managing interconnection of virtual network functions
US20150186129A1 (en) Method and system for deploying a program module
US9712538B1 (en) Secure packet management for bare metal access
US9311140B2 (en) Method and apparatus for extending local area networks between clouds and migrating virtual machines using static network addresses
US9971584B2 (en) Packaged application delivery for converged infrastructure
EP2595346B1 (en) Network port profile deployment in a pre-provisioned or dynamically provisioned network infrastructure
CN104813289B (en) Diagnose virtual machine
US10360061B2 (en) Systems and methods for loading a virtual machine monitor during a boot process
US20160139906A1 (en) Deploying an application across multiple deployment environments
Sapuntzakis et al. Virtual Appliances for Deploying and Maintaining Software.
JP2016507100A (en) Master Automation Service
US9183378B2 (en) Runtime based application security and regulatory compliance in cloud environment
CA2829001C (en) Technique for resource creation in a cloud computing system
US10037220B2 (en) Facilitating software-defined networking communications in a container-based networked computing environment
JP2017538357A (en) Virtualized resource steering

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant