linux有6种命名空间:Network, UTS, Users, Mount, IPC, Pid .我知道所有容器都与 Kubernetes pod 中的 pause 容器共享相同的网络命名空间。默认情况下,不同的容器有不同的 PID 命名空间,因为它们有不同的 init 进程。但是,其他命名空间如何?为什么?
最佳答案
根据this article :
Containers in a Pod run on a “logical host”; they use the same network namespace (in other words, the same IP address and port space), and the same IPC namespace.
Containers in a Pod share the same IPC namespace, which means they can also communicate with each other using standard inter-process communications such as SystemV semaphores or POSIX shared memory.
Containers in a Pod are accessible via “localhost”; they use the same network namespace. Also, for containers, the observable host name is a Pod’s name. Because containers share the same IP address and port space, you should use different ports in containers for incoming connections. In other words, applications in a Pod must coordinate their usage of ports.
您也可以enable sharing Process namespace通过指定
v1.PodSpec.shareProcessNamespace: true 在 Pod 中的容器之间.
关于namespaces - Kubernetes pod 中的容器之间共享哪些命名空间?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/51765555/