简介
docker是一个是用来linux namespace 和 cgroups 的虚拟化工具。
下面几个小节学习linux namespace技术,以及使用golang实现。
环境:
- ubuntu 16.04 LTS
- golang 1.12.5
ps: mac系统的syscall和linux上的有些不同。
一、UTS Namespace 隔离主机名和域名
UTS namespace(UNIX Time-sharing System namespace)用来隔离系统的hostname以及NIS(Network Information System) domain name 。
1. hostname 主机名
局域网内查找主机
root@godev:~# cat /etc/hosts
127.0.0.1 localhost
127.0.1.1 godev godev # 可以ping godev
# 三部分组成
# IP 地址 主机名[.域名] [主机名(主机名别名)]
2. NIS(Network Information System)
百度了一下,找下面这个网址。简单的了解了下。
https://www.freebsd.org/doc/handbook/network-nis.html
Network Information System (NIS) is designed to centralize administration of UNIX®-like systems such as Solaris™, HP-UX, AIX®, Linux, NetBSD, OpenBSD, and FreeBSD. NIS was originally known as Yellow Pages but the name was changed due to trademark issues. This is the reason why NIS commands begin with yp.
NIS is a Remote Procedure Call (RPC)-based client/server system that allows a group of machines within an NIS domain to share a common set of configuration files. This permits a system administrator to set up NIS client systems with only minimal configuration data and to add, remove, or modify configuration data from a single location.
FreeBSD uses version 2 of the NIS protocol.
NIS是C/S模式的系统。用于让一组机器共享公共配置文件。
Golang实现
package main
import (
"log"
"os"
"os/exec"
"syscall"
)
func main() {
// fork出新的进程。并执行sh命令
cmd := exec.Command("sh")
// 设置Cloneflags。 clone新的UTS命名空间
cmd.SysProcAttr = &syscall.SysProcAttr{
Cloneflags: syscall.CLONE_NEWUTS, // 注释这一行前后,对比一下UTS的隔离情况
最低0.47元/天 解锁文章
298
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
