Storage isolation for containers
US11126740B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jun 20, 2017 |
| Grant date | Sep 21, 2021 |
| Priority date | — |
| Expiry date | Jul 25, 2037 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F3/0602
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
An application running in a container is able to access files stored on disk via normal file system calls, but in a manner that remains isolated from applications and processes in other containers. In one aspect, a namespace virtualization component is coupled with a copy-on-write component. When an isolated application is accessing a file stored on disk in a read-only manner, the namespace virtualization component and copy-on-write component grant access to the file. But, if the application requests to modify the file, the copy-on-write component intercepts the I/O and effectively creates a copy of the file in a different storage location on disk. The namespace virtualization component is then responsible for hiding the true location of the copy of the file, via namespace mapping.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.