CONTAINER ISOLATION METHOD AND DEVICE FOR NETLINK RESOURCE

CONTAINER ISOLATION METHOD AND DEVICE FOR NETLINK RESOURCE

A container isolation method and apparatus for a netlink resource are disclosed. A kernel receives a trigger instruction that is used to create a container and that is delivered by an application program. The kernel creates, according to the trigger instruction, a container corresponding to the appl...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: ZHONG, Guocheng, YANG, Jianrui, LIU, Jinmiao, ZHANG, Liang
Format: Patent
Sprache:eng ; fre ; ger
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A container isolation method and apparatus for a netlink resource are disclosed. A kernel receives a trigger instruction that is used to create a container and that is delivered by an application program. The kernel creates, according to the trigger instruction, a container corresponding to the application program, creates a netlink namespace for the container, and sends, to the application program, a notification indicating that the netlink namespace is successfully created. The kernel receives a first netlink message delivered by the container, where the first netlink message includes entries generated when the container runs. The kernel stores the entries based on an identifier of the netlink namespace, so that the container obtains a required entry from the kernel. According to the method, a netlink namespace mechanism is created, to isolate netlink channels, and reduce broadcast storms of netlink messages, thereby improving efficiency of processing a netlink multicast packet.