2. 話說從頭
• Web 服務跟 db 應該放在同一
個 container 才對
• 這沒辦法說服我!
• 根據我的想像,愈多
container 應該是愈吃資源
有一天,對話是這樣的…
• 但是這樣不好管理,通常一個
container 只放一個 service
• ………
• ㄟ…其實我也不清楚底層是怎
麼做的
3. 先說結論
• One container should have one service
• 讓 container 更易於管理
• 維持可擴充性 (對 web 服務而言)
4. 其它人怎麼說
• Docker 官網 Run only one process per container
• Run only one process per container. In almost all cases, you should only
run a single process in a single container. Decoupling applications into
multiple containers makes it much easier to scale horizontally and reuse
containers. If that service depends on another service, make use of
container linking.
9. 再來從 Linux 的 Process Namespace 說起
• Every time a computer with Linux boots up, it starts with just
one process, with process identifier (PID) 1, this process is the
root of the process tree
• The PID namespace allows one to spin off a new tree, with its
own PID 1 process
14. 所以…
• container 為 Docker Daemon 的子 process
• container 各自擁有自己的 process namespace
• container 之間是相互隔離的
• 啟動 container 時,跟著 container 一起啟動的 process 的 PID 為1
• container 停止時,會將 PID 1 的 process 及其子 process 終止
15. References
• Each container should have only one concern
https://docs.docker.com/engine/userguide/eng-
image/dockerfile_best-practices/#/each-container-should-have-
only-one-concern
• 理解Docker容器的進程管理
https://yq.aliyun.com/articles/5545
• Separation Anxiety: A Tutorial for Isolating Your System with
Linux Namespaces
https://www.toptal.com/linux/separation-anxiety-isolating-your-
system-with-linux-namespaces