Can I fork, spawn a process inside an app when I push this in the cloud foundry container? I am trying to understand from process isolation, fs isolation, health check, nating and routing how does this work --- and how to reach to the child process listening on a port within the container?
当我在云代工厂容器中推送这个进程时,我能否在应用程序内生成一个进程?我试图理解从进程隔离,fs隔离,健康检查,nating和路由这是如何工作的---以及如何到达监听容器内端口的子进程?
1 个解决方案
#1
3
Yes, you can. Each pushed application runs in a separate container complete with its own namespaces, control groups, and resource limits. In particular, both parent and child processes run in the container's PID, mount, and network namespaces (among others).
是的你可以。每个推送的应用程序都在一个单独的容器中运行,该容器具有自己的命名空间,控制组和资源限制。特别是,父进程和子进程都在容器的PID,mount和网络命名空间(以及其他)中运行。
To reach the child process's port, you need to open the port so it is accessible from the network. I suspect one way to do this is to use an application security group since the container manager's primitive for opening a port is not exposed to end users.
要访问子进程的端口,您需要打开端口,以便可以从网络访问它。我怀疑一种方法是使用应用程序安全组,因为容器管理器用于打开端口的原语不会向最终用户公开。