-----转载-----
本篇文章关注的重点是“容器”,正文将详细阐述容器的定义、原理、优势、以及跟虚拟机之间的差别。
01
本段主要阐述了容器的定义,总结来说,容器是为了解决“在切换运行环境时,如何保证软件能够正常运行”这一问题。
What are containers and why do you need them?
Containers are a solution to the problem of how to get software to run reliably when moved from one computing environment to another. This could be from a developer's laptop to a test environment, from a staging environment into production, and perhaps from a physical machine in a data center to a virtual machine in a private or public cloud.
什么是容器?你为什么需要它们?
容器是针对以下问题的解决方案:在切换运行环境后,如何保证软件能够可靠地运行?这种切换可能是从程序员的笔记本电脑到测试环境、从某个测试阶段部署到线上,也可能是从数据中心的某台物理机到私有云或者公有云上的某台虚拟机。
container 容器
reliably 可靠地
developer 开发者
laptop 笔记本电脑
production 生产环境
physical 物理的
virtual 虚拟的
private cloud 私有云
public cloud 公有云
02
当支持软件运行的环境不一致时,就会出现一些奇怪的问题。
Problems arise when the supporting software environment is not identical, says Docker creator Solomon Hykes. "You're going to test using Python 2.7, and then it's going to run on Python 3 in production and something weird will happen. Or you'll rely on the behavior of a certain version of an SSL library and another one will be installed. You'll run your tests on Debian and production is on Red Hat and all sorts of weird things happen."
当支持软件运行的环境不一致时,问题就出现了。Docker的创始人Solomon Hykes说过“你在Python2.7下测试,线上却运行着Python3,奇怪的事情就发生了;或者你依赖具体某个SSL版本的功能,但服务器上却安装着另外版本的SSL;你在Debian系统上进行了测试,生产环境却是Red Hat,那各种各样的奇怪的事情就会发生。”
arise 出现
creator 创始人
identical 完全相同的
install 安装
sorts of 各种各样的
03
但是导致问题的除了软件的运行环境不一样,网络的拓扑结构也可能不一样,安全策略、存储服务也有可能不一样。
And it's not just different software that can cause problems, he added. "The network topology might be different, or the security policies and storage might be different but the software has to run on it."
而且造成问题的不单单是不一样的软件环境,他补充说:“网络的拓扑结构也可能不一样,或者安全策略、存储服务也有可能不一样,但是你的软件还是必须运行在这些环境中。”
cause 引起
add 补充
network topology 网络拓扑结构
policy 策略
storage 存储
04
对于以上几个问题,容器是如何解决的呢?本段即为答案。
How do containers solve this problem?
Put simply, a container consists of an entire runtime environment: an application, plus all its dependencies, libraries and other binaries, and configuration files needed to run it, bundled into one package. By containerizing the application platform and its dependencies, differences in OS distributions and underlying infrastructure are abstracted away.
“容器”如何解决这个问题呢?
简单地说,一个容器包含了完整的运行时环境:一个应用、这个应用所需的全部依赖、类库、其他二进制文件、配置文件,它们统一被打入了一个包中。通过将应用平台和其依赖容器化,操作系统发行版本和其他基础环境造成的差异,都被抽象掉了。
consists of 包含
entire 完整的
runtime 运行时
plus 加上
binary 二进制的
bundle into 打包成
package 包
containerize 容器化
distribution 发行版本
underlying 基础的
infrastructure 基础结构
abstract 使抽象化
05
看到这里,有的人可能会联想到虚拟化技术,因为乍看起来,虚拟机和容器有些类似,那么二者之间有什么区别呢?
What's the difference between containers and virtualization?
With virtualization technology, the package that can be passed around is a virtual machine, and it includes an entire operating system as well as the application. A physical server running three virtual machines would have a hypervisor and three separate operating systems running on top of it.
虚拟化和容器有什么不同?
使用虚拟化技术时,可以被分发的文件包是一台虚拟机,它包含了整个操作系统和应用。一台运行着三个虚拟机的物理服务器,需要有一个管理虚拟机软件的中间层,以及运行在这个中间层之上的三个独立操作系统。
virtualization 虚拟化
pass around 传递,分发
as well as 和,也
hypervisor 管理程序,虚拟机监视器
separate 单独的
06
上段我们了解了虚拟化技术的原理,相比之下,容器又是怎样运作的呢?二者之间,哪个更有优势呢?
By contrast a server running three containerized applications with Docker runs a single operating system, and each container shares the operating system kernel with the other containers. Shared parts of the operating system are read only, while each container has its own mount (i.e., a way to access the container) for writing. That means the containers are much more lightweight and use far fewer resources than virtual machines.
相较之下,一台运行着三个容器应用的服务器,只需要一个操作系统,而每个容器都可以和别的容器共享同一个操作系统内核。操作系统中被容器共享的部分是只读的,如果需要写入,每个容器都可以挂载独立的服务。这也就是说,容器比虚拟机要轻量级很多,它消耗的资源相较于虚拟机也少得多。
by contrast 相比之下
kernel 内核
read only 只读
lightweight 轻量的
07
除了上文提到的更轻量、资源消耗更少外,容器还有哪些优点呢?本段作者将会为我们阐述第一个优点。
What other benefits do containers offer?
A container may be only tens of megabytes in size, whereas a virtual machine with its own entire operating system may be several gigabytes in size. Because of this, a single server can host far more containers than virtual machines.
容器还可以提供哪些其他的好处?
一个容器的文件大小可能只有几十M,但是一个拥有完整操作系统的虚拟机却可能是几个G。正因为这一点,对于一个独立服务器来说,它能承载的容器的数量比虚拟机的数量多得多。
benefit 好处
megabyte 兆字节
whereas 但是
08
容器的第二个优点体现在了启动速度上,虚拟机可能要花费好几分钟,而容器几乎能瞬间完成。
Another major benefit is that virtual machines may take several minutes to boot up their operating systems and begin running the applications they host, while containerized applications can be started almost instantly. That means containers can be instantiated in a "just in time" fashion when they are needed and can disappear when they are no longer required, freeing up resources on their hosts.
另一个主要的优点是,虚拟机可能要耗费好几分钟的时间,才能启动操作系统、开始运行应用;然而容器中应用的启动几乎可以瞬间完成。这意味着,如果需要部署更多的容器,它们的实例化可以很快完成;如果不需要这些容器了,也可以很快将它们从宿主服务器上释放掉。
major 主要的
boot up 启动
instantly 立刻,马上
instantiate 实例化
free up 释放
09
容器的第三个优点体现在模块化上,使用容器可以实现更好的模块化。
A third benefit is that containerization allows for greater modularity. Rather than run an entire complex application inside a single container, the application can be split into modules (such as the database, the application front end, and so on). This is the so-called microservices approach.
第三个优点是,容器化更好地顾及到了模块化。一个复杂的应用可以被细分成小的模块(比如数据库、应用前端等等),而不是将它运行在某一个容器中。这种方式通常被称为“微服务”。
allow for 考虑到
modularity 模块化
rather than 而不是
split into 分成
front end 前端
so-called 所谓的
microservice 微服务
Applications built in this way are easier to manage because each module is relatively simple, and changes can be made to modules without having to rebuild the entire application. Because containers are so lightweight, individual modules (or microservices) can be instantiated only when they are needed and are available almost immediately.
使用这种方法构建的应用更容易被管理,因为每个模块都相对简单,而且需要更新某些模块时,不需要重新构建整个应用。因为容器非常轻量级,单独模块(或微服务)只有在它们被需要时才会被实例化,然后几乎瞬间就变得可用了。
complexity 复杂性
manage 管理
relatively 相对地
rebuild 重新构建
available 可用