Shared Memory Channels
System containers enable the communication between container and host processes through shared memory. You can set the --host-channel parameter when creating a container to allow the host to share the same tmpfs with the container so that they can communicate with each other.
- The lifecycle of tmpfs mounted on the host starts from the container startup to the container deletion. After a container is deleted and its occupied space is released, the space is removed.
- When a container is deleted, the path to which tmpfs is mounted on the host is deleted. Therefore, an existing directory on the host cannot be used as the mount path.
- To ensure that processes running by non-root users on the host can communicate with containers, the permission for tmpfs mounted on the host is 1777.
Specify the --host-channel parameter when creating a container.
[root@localhost ~]# isula run --rm -it --host-channel /testdir:/testdir:rw:32M --system-container --external-rootfs /root/myrootfs none init
root@3b947668eb54:/# dd if=/dev/zero of=/testdir/test.file bs=1024 count=64K
dd: error writing '/testdir/test.file': No space left on device
32769+0 records in
32768+0 records out
33554432 bytes (34 MB, 32 MiB) copied, 0.0766899 s, 438 MB/s
- If --host-channel is used for size limit, the file size is constrained by the memory limit in the container. (The OOM error may occur when the memory usage reaches the upper limit.)
- If a user creates a shared file on the host, the file size is not constrained by the memory limit in the container.
- If you need to create a shared file in the container and the service is memory-intensive, you can add the value of --host-channel to the original value of the container memory limit, eliminating the impact.