CN108021608A - A kind of lightweight website dispositions method based on Docker - Google Patents

A kind of lightweight website dispositions method based on Docker Download PDF

Info

Publication number
CN108021608A
CN108021608A CN201711049549.XA CN201711049549A CN108021608A CN 108021608 A CN108021608 A CN 108021608A CN 201711049549 A CN201711049549 A CN 201711049549A CN 108021608 A CN108021608 A CN 108021608A
Authority
CN
China
Prior art keywords
docker
lightweight
website
service
container
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201711049549.XA
Other languages
Chinese (zh)
Inventor
黄友俊
李星
吴建平
马艺
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CERNET Corp
Original Assignee
Next Generation Internet Major Application Technology (beijing) Engineering Research Center Co Ltd
CERNET Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Next Generation Internet Major Application Technology (beijing) Engineering Research Center Co Ltd, CERNET Corp filed Critical Next Generation Internet Major Application Technology (beijing) Engineering Research Center Co Ltd
Priority to CN201711049549.XA priority Critical patent/CN108021608A/en
Publication of CN108021608A publication Critical patent/CN108021608A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/958Organisation or management of web site content, e.g. publishing, maintaining pages or automatic linking
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45595Network integration; Enabling network access in virtual machine instances

Abstract

Present disclose provides a kind of lightweight website dispositions method based on Docker, including:Docker services are disposed on the server;And Docker services increase application deployment engine in Docker container performing environments, the lightweight website deployment based on Docker is completed.Lightweight website dispositions method of the disclosure based on Docker, solving conventional virtual machine mode and running multiple and different applications has needed multiple virtual machines, takes that resource is huge, starts the problem of speed is slow, autgmentability is poor, realizes the performance and efficiency of higher.

Description

A kind of lightweight website dispositions method based on Docker
Technical field
This disclosure relates to technical field of the computer network, more particularly to a kind of lightweight website deployment side based on Docker Method.
Background technology
With China university and scientific research institution and the reinforcement of domestic and international academic exchange, Internet is as widest information Shared platform is exchanged, under Internet environment, meeting website has been not limited solely to the website simply to release news, interior Hold and usually also include contributions processing function, online registration is attended a meeting function, participant's information management, inquiry, export, download, realization Online contribution, online registration are attended a meeting, numerous system module such as conferencing information function of statistic analysis.With annual academic conference Hold, content and user data are all different, and have data increased trend year by year.
For such lightweight website, traditional software application deployment way is on the basis of hardware, is fictionalized more A operating system, then disposes relevant application in system.If there are multiple lightweight websites to take virtual machine mode portion every year Administration, forms larger waste in the utilization of resources.
Docker is the advanced container engine based on LXC that PaaS providers DoctCloud increases income, source code trustship On Github, based on go language and defer to Apache2.0 agreements and increase income.The success of the arrival of cloud computing era -- AWS, guiding Developer will apply and be transferred on cloud, solve the problems, such as hardware management, but environmental management is complicated, from various OS to each Kind middleware is to various software applications, and the thing being concerned about as developer's needs is too many, and is difficult to manage, this problem almost exists All modern times IT relevant industries are required for facing, and can simplify a variety of application examples of deployment to this Docker and work, for example Web should With, background application, database application, big data one can be packaged into using such as Hadoop clusters, message queue etc. Image is disposed.Docker appearance using virtualization means change -- the cloud epoch reduce cost using standard configuration hardware, Meet the needs of user uses on demand using virtualization means and ensure availability and isolation.Since Docker is based on The characteristics of virtualization feature of LXC lightweights, Docker are most obvious compared to KVM etc is exactly to start soon, and resource occupation is small.Therefore Running environment for the standardization for building isolation, the PaaS of lightweight, builds automatic test and continuous integrating environment, with And all can be extending transversely application, especially need rapid starting/stopping tackle the web of peak valley application.From structure the simplest Set out into form, Docker actually aims to provide a set of can be loaded on shared infrastructure to software work and carries out The container environment of management, but also ensure that at the same time and be isolated from each other between different loads and be independent of each other, create the operation of complete set System stack, will be included into by virtual machine management program with the relevant equipment of the system, and with virtual machine solutions Difference lies in, Docker be largely dependent upon (SuSE) Linux OS built-in a function --- entitled LXC is (i.e. Linux container).LXC is divided the memory of different processes using the various functions being built among operating system, even CPU and Internet resources can be split to a certain extent.Docker mirror images need not be carried out as a set of brand-new operating system Complete bootup process, so the volume of software kit with regard to can significantly be compressed, application program operate in shared calculating Also it will be provided with significantly more lightweight advantage when on resource.In addition, Docker also allows workload directly to access Device driver, so as to bringing the I/O speeds of service far more than virtual machine management program scheme.Docker mirror images just gradually into For the standard of application delivery, the ecosystem to shoot up in addition, it will be using issue, the preferred manner shared.
The content of the invention
(1) technical problems to be solved
In view of above-mentioned technical problem, the disclosure provides a kind of lightweight website dispositions method based on Docker, solves Conventional virtual machine mode, which runs multiple and different applications, will play multiple virtual machines, and occupancy resource is huge, starts speed slowly, expands Malleability is poor, and current application is usually combined from already present component, and relies on the problem of other service and apply, Realize the performance and efficiency of higher.
(2) technical solution
According to one aspect of the disclosure, there is provided a kind of lightweight website dispositions method based on Docker, including: Docker services are disposed on server;And Docker services increase application deployment in Docker container performing environments Engine, completes the lightweight website deployment based on Docker.
In certain embodiments, the Docker services include:Docker clients (Client), Docker guard into Journey (daemon), Docker mirror images (Image), Docker containers (Container) and Docker warehouses (Registry).
In certain embodiments, Docker services are disposed on the server, including:Resource layer:Complete operating system aspect Configuration and deployment, including the configuration of kernel upgrading, Docker service arrangements, security strategy and the distribution of ssh public keys;Container floor:Layout Relation and/or increase server resource between Docker containers and server;And application layer:Service access is externally provided Point, backstage (Backend) is distributed to for handling service (Service) request, or by service (Service) request, by Backend containers processing service (Service) request.
In certain embodiments, resource layer completes the configuration of operating system aspect and deployment, further includes:A server is selected to make For the web configuration interfaces of lightweight website, for managing a privately owned Docker warehouses, to distribute Docker mirror images.
In certain embodiments, the relation between the web configuration interface layout containers and server of lightweight website is passed through; New server resource is added by adding equipment.
In certain embodiments, by the deployment of resource layer, resource operation plane, resource behaviour are provided to the container floor Make plane to be used to import mirror image, start-stop container to server.
In certain embodiments, by the deployment of container floor, container operation plane is provided to application layer, is put down in container operation Relation on face between the various services of layout, realizes distributed system architecture.
In certain embodiments, Service-Backend schema construction Service dependent trees, the root node pair of tree are passed through Service is provided outside system.
In certain embodiments, when starting a service, recurrence is checked the backstage of the service by distributed system architecture, Start the leaf node of dependent tree and ensure step by step to recall after state is normal and start parent service.
In certain embodiments, the lightweight website dispositions method based on Docker, further includes:Pass through Iptables is blocked from Docker containers to the communication of all Intranet IP;Pass through selinux or apparmor restricted parts The resource that Docker containers can access;Read-only mode carry is used to part sysfs or procfs catalogue;Pass through grsec Carry out hardened system kernel;Quota control is carried out to resources such as memory, CPU, disk read-writes by cgroup or by tc to each The bandwidth of Docker containers is controlled.
(3) beneficial effect
It can be seen from the above technical proposal that lightweight website dispositions method of the disclosure based on Docker at least have with One of lower beneficial effect:
(1) the lightweight website dispositions method based on Docker, solve conventional virtual machine mode run it is multiple and different Using that will play multiple virtual machines, take resource is huge, start speed is slow, autgmentability is poor and current application usually from Already present component combination, and the problem of other service and apply is relied on, realize the performance and efficiency of higher.
(2) blocked from container to the communication of all Intranet IP by iptables, limited by selinux or apparmor Resource that partial containers processed can access, to part sysfs or procfs catalogue using read-only mode carry, pass through grsec Carry out hardened system kernel, carry out quota control to resources such as memory, CPU, disk read-writes by cgroup or by tc to each The bandwidth of container is controlled, and further ensures safety and isolation.
Brief description of the drawings
By the way that shown in attached drawing, above and other purpose, the feature and advantage of the disclosure will become apparent from.In whole attached drawings Identical reference numeral indicates identical device.Deliberately attached drawing is not drawn by actual size equal proportion scaling, it is preferred that emphasis is show Go out the purport of the disclosure.
Fig. 1 is according to lightweight website dispositions method flow chart of the disclosure based on Docker.
Fig. 2 is according to application deployment Organization Chart of the disclosure based on Docker technologies.
Fig. 3 is according to disclosure Docker inter-component relationships figures.
Fig. 4 is the deployment procedure chart according to three aspects of the disclosure.
Embodiment
For the purpose, technical scheme and advantage of the disclosure are more clearly understood, below in conjunction with specific embodiment, and reference Attached drawing, is further described the disclosure.
The present disclosure proposes a kind of lightweight website dispositions method based on Docker.As shown in Figure 1, the disclosure is based on The lightweight website dispositions method of Docker, comprises the following steps:
Docker services are disposed on the server;
Docker services increase application deployment engine in Docker container performing environments, are based on described in completion The lightweight website deployment of Docker.
Method of disclosure is incremented by for annual number of users, because policy change, the development of new technology and external environment condition become Change, web site contents version and different lightweight website are based on Docker container techniques in deployment, efficiently solve Conventional virtual machine mode, which runs multiple and different applications, will play multiple virtual machines, and occupancy resource is huge, starts speed slowly, expands Malleability is poor, and current application is usually combined from already present component, and relies on the problem of other service and apply.
In addition, in terms of server load, if individually opening a virtual machine, then virtual machine can take free memory, And using Docker to dispose, these memories will be effectively used, and the operation of Docker containers need not be extra Hypervisor support, it is the virtualization of kernel level, therefore can realize the performance and efficiency of higher.
Performance comparison is carried out by a large amount of tests, and with physical server.In CPU, memory, disk, network facet, The performance of Docker and physical equipment is basically identical, without excess loss.Then Docker and virtual machine realization principle are carried out Comparison, can substantially draw some conclusions:(1) since Docker is not required Hypervisor to realize that hardware resource virtualizes, What the program operated on Docker containers directly used is all the hardware resource of actual physics machine, therefore is utilized in CPU, memory Docker will be advantageous in efficiency in rate.(2) what Docker was utilized is the kernel of host, without Guest OS. When creating a container, Docker need not reload an operating system nucleus as virtual machine, eliminate this Process, creating a Docker container only needs several seconds.Therefore Docker contrasts virtual machine occupies on resource consumption compares Big advantage.In fact, hundreds of container can be easily set up in a physical machine, and can only establish several virtual Machine.
Docker knowable to angle from above-mentioned realization principle should be higher than virtual machine in the utilization ratio of CPU and memory. There are 8 cores in 2 Intel's xeon E5-2655 processors of same hardware parameter, 2.4 GHz of dominant frequency, each processor, share 16 cores, under conditions of 256GB RAM, start 3 physical machines, 3 Docker containers and 3 virtual machines and carry out performance datas Measuring and calculating, experiment learn that in terms of the resource consumption of operating system its computing capability does not almost have Docker relative to physical machine It is lossy, and virtual machine contrast physical machine then has and is obviously lost, the computing capability of virtual machine is lost 50% or so. To sum up, if the thousands of a lightweight websites of deployment, Docker deployment way can economize on resources 50% or so than deploying virtual machine.Separately Outside, in terms of system boot time, Docker can start hundreds of to thousands of a containers within several seconds, and virtual machine then needs to count Minute.
It is as shown in Figure 2 that disclosure lightweight website application program is based on Docker deployment frameworks.Disposed in physical machine Docker is serviced, and Docker services add application deployment engine in the Docker container performing environments of virtualization, should The target of engine is just to provide a light weight, quick environment, can operation program, and easily and efficiently by program from developer Notebook be deployed to test environment, be then deployed to again in production environment.
Docker has carried out further encapsulation on the basis of LXC, and user need not go to be concerned about the management of container, makes It must operate more easy, the container of user's operation Docker is simple just as operating the virtual machine of a quick lightweight.Fig. 3 For Docker inter-component relationships figures.As shown in Fig. 3, Docker services include following five part:1st, Docker Client visitors Family end;2nd, Docker daemon finger daemons;3rd, Docker Image mirrors;4th, Docker Container containers;5、 Docker Registry warehouses.
Docker service by Docker clients connect Docker finger daemons, by order to Docker guard into Journey sends request, and Docker finger daemons are returned the result by a series of operation.Docker mirror images are the operations of Docker containers When read-only template, each Docker mirror image includes a series of layer (layers).Docker uses UnionFS (joint texts Part system) these layers are joined in single mirror image.UnionFS allows the file and file in separate file system The file system that (being referred to as branch) is individually linked up by transparent covering, formation one.Just because of have the presence of these layers, Docker is only such light weight.When changing a Docker mirror image, for example some program is upgraded to new version, one new Layer can be created, therefore without replacing whole original Docker mirror images or re-establishing Docker mirror images, simply one New layer is added or upgrades.Do not have to issue whole mirror image again now, it is only necessary to upgrade, layer to distribute Docker mirror images Become simple and quick;Docker warehouses are used for preserving mirror image, it can be understood as the code storage in code control, equally Also there is publicly-owned and privately owned concept in Docker warehouses.Publicly-owned Docker warehouses name is Docker Hub, it provides huge Mirror image set for using, these mirror images can be that oneself is created, or be created on the basis of existing mirror image, Docker warehouses are The distributing portion of Docker;Docker containers and file are much like, and a Docker container contains some all applications Run required environment.Each Docker container is created from Docker mirror images.Docker containers can run, open Begin, stop, mobile and deletion.Each Docker container is independent and safety application platform, and Docker containers are The operation part of Docker.For complete using dependence encapsulation, what same mirror image repeated is testing, integrate, is producing Docker Disposed Deng environment, accomplish " once building, run everywhere ", suitable for continuous integrating, persistently dispose flow.Although Docker's is first Inner feelings is for " micro services " architecture design, but the problem of which solve management of process in Telnet container and container, container Used as developing engine, multiple programs are run in Docker, or even sshd or upstart are also feasible.
Lightweight website dispositions method of the disclosure based on Docker, entirely the process of disposing is divided into three aspects for it:Money Active layer, container floor, application layer, form distributed deployment frame, as shown in Figure 4:
As shown in figure 4, resource layer:Resource layer completes the configuration of operating system aspect and deployment, including kernel upgrading, Docker Service arrangement, security strategy configuration, the distribution of ssh public keys etc..The installation of resource layer needs to log in every server and root identity Operation program bin file, at this time built-in script will be prompted to user and complete to be locally located, and select a wherein server and serve as The web configuration interfaces of " portal ", i.e. lightweight website, while portal has managed a privately owned docker-registry For distributing Docker mirror images.By the deployment of resource layer, resource operation plane, resource operation plane tool are deliver to container floor The standby ability that mirror image, start-stop container are imported to other servers.
Container floor:Container floor can easily be compiled in resource operation plane by the portal web configuration interfaces provided Arrange the relation between container and server.New server resource can also very easily be added by " addition equipment " function. In container operation plane, by the relation between the various service requests of layout, the power of distributed system architecture is played.
Application layer:Service is responsible for externally providing service access point, both oneself can handle request, and will can also ask It is distributed to Backend;Service requests are really handled by Backend containers.Suggest that a Docker runs one in Docker communities A process, but when there is thousands of process in system, this strategy is not easy to configuration management.After a large amount of tests, The method that the disclosure runs several processes using a container here, by Service, Backend pattern, can construct Service dependent trees, the root node of tree outside system to providing service.Service dependent trees will play weight in container startup stage Act on.When starting certain service, recurrence is checked the Backend of this service by distributed deployment frame, first starts dependent tree Leaf node simultaneously ensures that backtracking starts parent service step by step again after state is normal, and this mechanism ensure that the startup of each module is suitable Sequence.
The disclosure also provides a standard module mirror image.A standard module needs to come by certain structural planning catalogue first Placement module own files.Module, which needs to write corresponding script, to be put into below corresponding catalogue.When the corresponding event of catalogue occurs, Deployment framework will be used for working as out-put container according to ascii orders successively synchronization call script, first status and info files The descriptive information of preceding state and container, then adds my_service in mirror image, daily build system meeting using ADD orders Automatically mirror image build is come out, this module image will be included in the bin bags of second day;Finally when deployment framework starting module is held Log catalogues can be mounted to during device outside container according to configuration, while call all scripts in start catalogues, so far module opens It is dynamic to complete.From net-like configuration pattern to star like arrangement pattern, initial website deployment framework uses the pattern of global configuration file, I.e. after web interface completes configuration, deployment framework can generate a huge configuration file, and configuration file describes whole system All physical machine situations of system, module situation, Service dependent trees, service access point etc..Any one module sees this Institute's information in need can be obtained after configuration file, and after any configuration changes, frame only needs to regenerate this Configuration file simultaneously notifies each module, and configured in one piece complexity is simplified really by this pattern.
In addition, Docker is as a kind of lightweight virtualization technology, its more light weight, while start speed faster, also have There is following advantage:Faster deliver and dispose, more easily migrate and extend, simpler management.Based on Docker containers Technology, optimizes application and development, structure, integrated, deployment whole flow process to greatest extent, and provides an efficient, reliable fortune Row environment.
Developer builds a set of exploitation container using the mirror image of a standard, and after exploitation is completed, operation maintenance personnel can Directly to dispose code using this container.Docker can quickly create container, and iteratively faster application program, is realized whole It is process visualized, facilitate each role to understand the establishment and work of application program.Its main working process is as follows:
1st, operation maintenance personnel can build privately owned Docker Registry warehouses on cloud host;
2nd, developer can be on exploitation cloud host from publicly-owned Docker warehouses Docker Hub or privately owned Docker Registry warehouses obtain the basic Docker mirror images that application needs;
3rd, developer can develop Structural application container on cloud host, and container is submitted after testing oneself as new mirror image and is pushed to Privately owned Docker Registry, notice QA tests;
4th, QA tests startup container on cloud host at it and is tested;
5th, post staff downloads latest edition mirror image and starts Docker containers on production cloud host.
In addition, in terms of multi-tenant resource isolation, Docker containers make full use of the namespaces of linux kernel Resource isolation function is provided, with reference to cgroup, in that context it may be convenient to set the resource quota of some container, can meet resource isolation Demand, and can easily be different stage user setting different stage quota restrictions.But due to the journey run in container Ordered pair is incredible for hosting service providers, so needing special means to ensure that user can not be from container Resource of the middle operation to host.In terms of safety and isolation reinforcing, it is contemplated that following measures:
Block the communication from container to all Intranet IP (can also be directed to if desired certainly specific by iptables IP/ open-endeds authority);
The resource that some container can access is limited by selinux or apparmor;
To some sysfs or procfs catalogues, using read-only mode carry;
By grsec come hardened system kernel;
Quota control is carried out to resources such as memory, CPU, disk read-writes by cgroup;
The bandwidth of each container is controlled by tc.
The foregoing description of the disclosed embodiments, enables professional and technical personnel in the field to realize or using the application. A variety of modifications to these embodiments will be apparent for those skilled in the art, as defined herein General Principle can be realized in other embodiments in the case where not departing from spirit herein or scope.Therefore, the application The embodiments shown herein is not intended to be limited to, and is to fit to and the principles and novel features disclosed herein phase one The most wide scope caused.
It should be noted that in attached drawing or specification text, the implementation that does not illustrate or describe is affiliated technology Form known to a person of ordinary skill in the art, is not described in detail in field.In addition, the above-mentioned definition to each element and method is simultaneously Various concrete structures, shape or the mode mentioned in embodiment are not limited only to, those of ordinary skill in the art can carry out more it Change or replace.
Particular embodiments described above, has carried out further in detail the purpose, technical solution and beneficial effect of the disclosure Describe in detail bright, it should be understood that the foregoing is merely the specific embodiment of the disclosure, be not limited to the disclosure, it is all Within the spirit and principle of the disclosure, any modification, equivalent substitution, improvement and etc. done should be included in the guarantor of the disclosure Within the scope of shield.

Claims (10)

1. a kind of lightweight website dispositions method based on Docker, including:
Docker services are disposed on the server;And
Docker services increase application deployment engine in Docker container performing environments, complete described based on Docker's Lightweight website is disposed.
2. the lightweight website dispositions method according to claim 1 based on Docker, wherein, the Docker services packages Include:Docker clients (Client), Docker finger daemons (Daemon), Docker mirror images (Image), Docker containers (Container) and Docker warehouses (Registry).
3. the lightweight website dispositions method according to claim 2 based on Docker, wherein, dispose on the server Docker is serviced, including:
Resource layer:The configuration of operating system aspect and deployment are completed, including kernel upgrading, Docker service arrangements, security strategy are matched somebody with somebody Put and ssh public keys are distributed;
Container floor:Relation and/or increase server resource between layout Docker containers and server;And
Application layer:Service access point is externally provided, for handling service (Service) request, or will service (Service) request Backstage (Backend) is distributed to, service (Service) request is handled by Backend containers.
4. the lightweight website dispositions method according to claim 3 based on Docker, wherein, resource layer completes operation system System aspect configures and deployment, further includes:Web configuration interface of the server as lightweight website is selected, it is private for managing one There are Docker warehouses, to distribute Docker mirror images.
5. the lightweight website dispositions method according to claim 4 based on Docker, wherein, pass through lightweight website Relation between web configuration interface layout containers and server;New server resource is added by adding equipment.
6. the lightweight website dispositions method according to claim 3 based on Docker, wherein, pass through the portion of resource layer Administration, provides resource operation plane, which is used to import mirror image, start-stop container to server to the container floor.
7. the lightweight website dispositions method according to claim 3 based on Docker, wherein, pass through the portion of container floor Administration, provides container operation plane, the relation in container operation plane between the various services of layout, is realized distributed to application layer System architecture.
8. the lightweight website dispositions method according to claim 7 based on Docker, wherein,
By Service-Backend schema construction Service dependent trees, the root node of tree outside system to providing service.
9. the lightweight website dispositions method according to claim 8 based on Docker, wherein,
When starting a service, recurrence is checked the backstage of the service by distributed system architecture, is starting the leaf section of dependent tree Put and ensure step by step to recall after state is normal and start parent service.
10. the lightweight website dispositions method according to claim 1 based on Docker, further includes:
Blocked by iptables from Docker containers to the communication of all Intranet IP;Limited by selinux or apparmor The resource that Docker containers in part processed can access;Read-only mode carry is used to part sysfs or procfs catalogue;Pass through Grsec carrys out hardened system kernel;Quota control is carried out to resources such as memory, CPU, disk read-writes by cgroup or passes through tc pairs The bandwidth of each Docker containers is controlled.
CN201711049549.XA 2017-10-31 2017-10-31 A kind of lightweight website dispositions method based on Docker Pending CN108021608A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711049549.XA CN108021608A (en) 2017-10-31 2017-10-31 A kind of lightweight website dispositions method based on Docker

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711049549.XA CN108021608A (en) 2017-10-31 2017-10-31 A kind of lightweight website dispositions method based on Docker

Publications (1)

Publication Number Publication Date
CN108021608A true CN108021608A (en) 2018-05-11

Family

ID=62080404

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711049549.XA Pending CN108021608A (en) 2017-10-31 2017-10-31 A kind of lightweight website dispositions method based on Docker

Country Status (1)

Country Link
CN (1) CN108021608A (en)

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108897557A (en) * 2018-06-20 2018-11-27 中国联合网络通信集团有限公司 The update method and device of micro services framework
CN108959455A (en) * 2018-06-15 2018-12-07 上海陆家嘴国际金融资产交易市场股份有限公司 Single page Web application implementation method, device, computer equipment and storage medium
CN109086364A (en) * 2018-07-19 2018-12-25 深圳市网心科技有限公司 Data managing method, data management apparatus and storage medium
CN109144526A (en) * 2018-06-28 2019-01-04 国网山东省电力公司菏泽供电公司 A kind of rapid deployment system and method for automation of transformation substations software
CN109408064A (en) * 2018-09-10 2019-03-01 杭州安恒信息技术股份有限公司 A kind of visual micro services system automation dispositions method of layout and system
TWI668634B (en) * 2018-08-03 2019-08-11 廣達電腦股份有限公司 Software container based systems and methods for providing cloud services
CN111125003A (en) * 2019-11-25 2020-05-08 中科边缘智慧信息科技(苏州)有限公司 Container mirror image light weight and rapid distribution method
WO2020093843A1 (en) * 2018-11-11 2020-05-14 长沙摩智云计算机科技有限公司 Distributed multi-terminal and multi-network supporting system for android online game
CN111158855A (en) * 2019-12-19 2020-05-15 中国科学院计算技术研究所 Lightweight virtual clipping method based on micro-container and cloud function
CN111209089A (en) * 2020-02-28 2020-05-29 杭州师范大学 CTF competition online environment type topic safety deployment method based on Docker container
CN111432006A (en) * 2020-03-30 2020-07-17 中科九度(北京)空间信息技术有限责任公司 Lightweight resource virtualization and distribution method
CN112947948A (en) * 2020-01-17 2021-06-11 深圳市明源云科技有限公司 Application service deployment method and device
CN113469654A (en) * 2021-07-05 2021-10-01 安徽南瑞继远电网技术有限公司 Multi-level safety management and control system of transformer substation based on intelligent algorithm fusion

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105069353A (en) * 2015-08-11 2015-11-18 武汉大学 Security reinforcement method for credible container based on Docker
CN105119913A (en) * 2015-08-13 2015-12-02 东南大学 Web server architecture based on Docker and interactive method between modules
CN106101176A (en) * 2016-05-27 2016-11-09 成都索贝数码科技股份有限公司 The media cloud that melts of a kind of integration produces delivery system and method

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105069353A (en) * 2015-08-11 2015-11-18 武汉大学 Security reinforcement method for credible container based on Docker
CN105119913A (en) * 2015-08-13 2015-12-02 东南大学 Web server architecture based on Docker and interactive method between modules
CN106101176A (en) * 2016-05-27 2016-11-09 成都索贝数码科技股份有限公司 The media cloud that melts of a kind of integration produces delivery system and method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
张怡: "基于Docker的虚拟化应用平台设计与实现", 《中国优秀硕士学位论文全文数据库信息科技辑》 *

Cited By (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108959455A (en) * 2018-06-15 2018-12-07 上海陆家嘴国际金融资产交易市场股份有限公司 Single page Web application implementation method, device, computer equipment and storage medium
CN108897557B (en) * 2018-06-20 2022-06-10 中国联合网络通信集团有限公司 Updating method and device of microservice architecture
CN108897557A (en) * 2018-06-20 2018-11-27 中国联合网络通信集团有限公司 The update method and device of micro services framework
CN109144526B (en) * 2018-06-28 2022-04-12 山东鲁软数字科技有限公司智慧能源分公司 Rapid deployment system and method for substation automation software
CN109144526A (en) * 2018-06-28 2019-01-04 国网山东省电力公司菏泽供电公司 A kind of rapid deployment system and method for automation of transformation substations software
CN109086364A (en) * 2018-07-19 2018-12-25 深圳市网心科技有限公司 Data managing method, data management apparatus and storage medium
TWI668634B (en) * 2018-08-03 2019-08-11 廣達電腦股份有限公司 Software container based systems and methods for providing cloud services
US10791039B2 (en) 2018-08-03 2020-09-29 Quanta Computer Inc. Systems and methods for cloud service provisioning using software containers
CN109408064A (en) * 2018-09-10 2019-03-01 杭州安恒信息技术股份有限公司 A kind of visual micro services system automation dispositions method of layout and system
US11872482B2 (en) 2018-11-11 2024-01-16 Hunan Duoxingyun Cloud Technology Co., Ltd. Distributed multi-terminal and multi-network supporting system for android online game
WO2020093843A1 (en) * 2018-11-11 2020-05-14 长沙摩智云计算机科技有限公司 Distributed multi-terminal and multi-network supporting system for android online game
JP7193181B2 (en) 2018-11-11 2022-12-20 湖南多行云計算機科技有限公司 Distributed system of Android online game application supporting multiple terminals and multiple networks
JP2022507759A (en) * 2018-11-11 2022-01-18 長沙摩智雲計算機科技有限公司 A distributed system for Android online game apps that supports multiple devices and multiple networks
CN111125003B (en) * 2019-11-25 2024-01-26 中科边缘智慧信息科技(苏州)有限公司 Container mirror image lightweight and quick distribution method
CN111125003A (en) * 2019-11-25 2020-05-08 中科边缘智慧信息科技(苏州)有限公司 Container mirror image light weight and rapid distribution method
CN111158855B (en) * 2019-12-19 2023-06-23 中国科学院计算技术研究所 Lightweight virtual clipping method based on micro-container and cloud function
CN111158855A (en) * 2019-12-19 2020-05-15 中国科学院计算技术研究所 Lightweight virtual clipping method based on micro-container and cloud function
CN112947948A (en) * 2020-01-17 2021-06-11 深圳市明源云科技有限公司 Application service deployment method and device
CN112947948B (en) * 2020-01-17 2024-03-12 深圳市明源云科技有限公司 Deployment method and device of application service
CN111209089B (en) * 2020-02-28 2023-08-22 杭州师范大学 CTF competition online environment class title safety deployment method
CN111209089A (en) * 2020-02-28 2020-05-29 杭州师范大学 CTF competition online environment type topic safety deployment method based on Docker container
CN111432006A (en) * 2020-03-30 2020-07-17 中科九度(北京)空间信息技术有限责任公司 Lightweight resource virtualization and distribution method
CN113469654A (en) * 2021-07-05 2021-10-01 安徽南瑞继远电网技术有限公司 Multi-level safety management and control system of transformer substation based on intelligent algorithm fusion
CN113469654B (en) * 2021-07-05 2024-03-15 安徽南瑞继远电网技术有限公司 Multi-level safety control system of transformer substation based on intelligent algorithm fuses

Similar Documents

Publication Publication Date Title
CN108021608A (en) A kind of lightweight website dispositions method based on Docker
AU2020291917B2 (en) Big data application lifecycle management
US10409589B2 (en) Application centric continuous integration and delivery with automated service assurance
CN112585919B (en) Method for managing application configuration state by using cloud-based application management technology
CN103401917B (en) A kind of mixing cloud computing system and its implementation method based on cloud bus
Petcu Consuming resources and services from multiple clouds: From terminology to cloudware support
US8612976B2 (en) Virtual parts having configuration points and virtual ports for virtual solution composition and deployment
US20190026085A1 (en) Intelligent cloud engineering platform
JP7143417B2 (en) computing device
CN109803018A (en) A kind of DCOS cloud management platform combined based on Mesos and YARN
US11461119B2 (en) Virtual containers configured to support multiple machine learning models
CN106462467A (en) Integrated APIs and UIs for consuming services across different distributed networks
CN102681899A (en) Virtual computing resource dynamic management system of cloud computing service platform
CN113474751B (en) Managing software programs
Lossent et al. PaaS for web applications with OpenShift Origin
CN110661842A (en) Resource scheduling management method, electronic equipment and storage medium
Roda-Sanchez et al. Cloud–edge microservices architecture and service orchestration: An integral solution for a real-world deployment experience
Tang et al. Application centric lifecycle framework in cloud
Hamida et al. Integrated CHOReOS middleware-Enabling large-scale, QoS-aware adaptive choreographies
Odun-Ayo et al. Cloud and application programming interface–Issues and developments
Qiang et al. Open ICT‐PaaS platform enabling 5G network slicing
Alonso et al. Towards supporting the extended DevOps approach through multi-cloud architectural patterns for design and pre-deployment-a tool supported approach
Valkeinen Cloud Infrastructure Tools For Cloud Applications: Infrastructure management of multiple cloud platforms
Panica et al. Sky computing platform for legacy distributed application
Indrasiri et al. Deploying and Running Microservices

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20211209

Address after: 100084 Beijing Haidian District Zhongguancun East Road 1 hospital Qinghua science and Technology Park 8 Building B block seal building

Applicant after: CERNET Co.,Ltd.

Address before: 100084 Beijing Haidian District Zhongguancun East Road 1 hospital Qinghua science and Technology Park 8 Building B block seal building

Applicant before: CERNET Co.,Ltd.

Applicant before: NEXT GENERATION INTERNET MAJOR APPLICATION TECHNOLOGY (BEIJING) ENGINEERING RESEARCH CENTER Co.,Ltd.

TA01 Transfer of patent application right
RJ01 Rejection of invention patent application after publication

Application publication date: 20180511

RJ01 Rejection of invention patent application after publication