I thought I understood Docker until I saw the Busy

2020-05-19 04:46发布

问题:

I thought I understood Docker. I understood it as a way to package up software with lots of dependencies..to basically create a little world where absolutely everything is taken care of for a piece of software. Then I stumbled upon this on DockerHub

https://hub.docker.com/_/busybox/

It's an image for BusyBox, which is a tiny little Linux binary that is meant for embedded systems. Then the top comment says:

Busybox is awesome :) By far the most useful container per byte on the entire registry.

But I don't understand at all why this image exists, which makes me think that I don't actually understand why Docker exists. What is the point of a BusyBox docker image?

回答1:

A Busybox docker image is useful if one is building a container for which busybox can fulfill its dependency chain without needing a full Linux distro.

Often, an embedded appliance can consist of nothing but a statically-linked copy of busybox, an init script that mounts procfs, sysfs, &c. with busybox-provided tools, and then the actual application being invoked. With docker setting up the filesystem namespace, even that init script isn't necessarily needed.



回答2:

In addition to being a convenient base to use for other docker images. Busybox also makes a very convenient initContainer for kubernetes: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/

Say you need something to happen that sets up the pod filesystem before your real container starts running then busybox is great at this..

As a concrete example the official redis image doesn't run redis as root and so it cannot access the filesystem. If you were running redis with disk backup (in appendonly mode for example) you would need to open up that disk permission for it.

a valid (though probably hacky) initContainer for a statefulSet of redis might looks something like so:

      initContainers:
      - name: redis-data-permission-fix
        image: busybox
        command: ["/bin/chmod", "-R", "777", "/opt/data/redis"]
        volumeMounts:
        - name: data
          mountPath: /opt/data/redis


回答3:

But I don't understand at all why this image exists, which makes me think that I don't actually understand why Docker exists. What is the point of a BusyBox docker image?

I just started using BusyBox with docker, but so far it has been convenient to use with the --rm command to create unsaved instances with common built in utilities like ping, and yeah just ping so far :/

docker container run --rm -it --network [network_name] busybox

and then all those utilities in BusyBox are available on that docker custom network and instantly destroyed when you exit the BusyBox CLI