Systems and methods for managing custom code in a data computing platform
US-2021144145-A1 · May 13, 2021 · US
US12505203B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12505203-B2 |
| Application number | US-202218571877-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jul 12, 2022 |
| Priority date | Aug 24, 2021 |
| Publication date | Dec 23, 2025 |
| Grant date | Dec 23, 2025 |
Official abstract text for this publication.
Embodiments of this specification provide a container-based task execution method and apparatus. The method can be performed by a container management platform. When receiving a task description file that is for a to-be-executed task and that is submitted by a user, the container management platform can determine whether a first identifier of a first image file carried in the description file is in a whitelist, where the first identifier can be added to the whitelist when it is determined that specified executable file information included in the first image file is secure; and if the first identifier is in the whitelist, considers that the to-be-executed task is secure, and can execute the to-be-executed task based on a container group created by using the task description file and the specified executable file information included in the first image file.
Opening claim text (preview).
What is claimed is:
1. A container-based task execution method, comprising: receiving a submitted task description file for a to-be-executed task, wherein the task description file comprises a first identifier of a first image file; upon determining that the first identifier is in a whitelist, detecting whether there is specified executable file information in the task description file, wherein the first identifier is added to the whitelist in accordance with a determination that specified executable file information comprised in the first image file is secure; upon detecting that there is no specified executable file information in the task description file, creating a container group by using the task description file, and executing the to-be-executed task based on the container group and the specified executable file information comprised in the first image file.
2. The method according to claim 1, wherein receiving the submitted task description file for the to-be-executed task comprises: receiving the task description file that is for the to-be-executed task and that is obtained based on an input operation performed by a user.
3. The method according to claim 1, further comprising: upon determining that the first identifier is not in the whitelist, rejecting execution of the to-be-executed task.
4. The method according to claim 1, wherein detecting whether there is specified executable file information in the task description file comprises: detecting whether an executable file field in the task description file is in an unset state, and upon detecting that the executable file field in the task description file is in the unset state, determining that there is no specified executable file information in the task description file.
5. The method according to claim 4, wherein the unset state comprises that a field value is a null value, or the field value is a preset value identifying that the field value is unavailable.
6. The method according to claim 1, further comprising: upon detecting that there is specified executable file information in the task description file, rejecting execution of the to-be-executed task.
7. The method according to claim 1, wherein the method is performed by a container management platform.
8. The method according to claim 7, wherein the container management platform comprises an admission layer and a management layer; the admission layer receives the submitted task description file for the to-be-executed task, wherein the task description file comprises the first identifier of the first image file; upon determining that the first identifier is in the whitelist, detects whether there is specified executable file information in the task description file; and upon detecting that there is no specified executable file information in the task description file, sends the task description file to the management layer; and the management layer executes the to-be-executed task based on the container group created by using the task description file and the specified executable file information comprised in the first image file.
9. The method according to claim 7, wherein executing the to-be-executed task comprises: generating a container group description file based on the task description file; and executing the to-be-executed task based on the container group created by using the container group description file and the specified executable file information comprised in the first image file.
10. The method according to claim 9, wherein executing the to-be-executed task based on the container group created by using the container group description file and the specified executable file information comprised in the first image file comprises: creating the container group by using the container group description file, and executing the to-be-executed task based on the container group and the specified executable file information comprised in the first image file.
11. The method according to claim 9, wherein executing the to-be-executed task comprises: sending the container group description file to a specified node device, so that the node device creates the container group by using the container group description file, and executes the to-be-executed task by using the container group and the specified executable file information comprised in the first image file.
12. The method according to claim 7, wherein the container management platform is further configured to deploy the to-be-executed task to a server and a plurality of service party devices; and executing the to-be-executed task comprises: generating a first container group description file for the server based on the task description file, wherein the first container group description file comprises configuration information for the server; respectively generating second container group description files for the plurality of service party devices based on the task description file, wherein the second container group description files respectively comprise configuration information for corresponding service party devices; sending the plurality of generated container group description files to the corresponding server and service party devices, so that the server and the service party devices create container groups by using the respective container group description files, and execute the to-be-executed task based on the respectively created container groups and the specified executable file information comprised in the first image file.
13. A computing device comprising: a memory, and a processor coupled to the memory, the processor configured to execute a container management platform, including an admission layer and a management layer, wherein the admission layer is configured to receive a submitted task description file for a to-be-executed task, wherein the task description file comprises an identifier of a first image file; upon determining that the first identifier is in a whitelist, detects whether there is specified executable file information in the task description file; and upon detecting that there is no specified executable file information in the task description file, sends the task description file to the management layer, wherein the first identifier is added to the whitelist upon determining that specified executable file information comprised in the first image file is secure; and the management layer is configured to execute the to-be-executed task based on a container group created by using the task description file and the specified executable file information comprised in the first image file.
14. A non-transitory computer-readable storage medium comprising instructions stored therein that, when executed by a processor of a computing device, cause the processor to: receive a submitted task description file for a to-be-executed task, wherein the task description file comprises a first identifier of a first image file; upon determining that the first identifier is in a whitelist, detect whether there is specified executable file information in the task description file, wherein the first identifier is added to the whitelist in accordance with a determination that specified executable file information comprised in the first image file is secure; upon detecting that there is no specified executable file information in the task description file, create a container group by using the task description file, and execute the to-be-executed task based on the container group and the specified executable file information comprised in the first image file.
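The admission-layer decision described in claims 1 and 3 to 6, sketched as an added example; it is not code from the patent or its applicant. The field names `image` and `command`, the `__UNSET__` preset value, treating an absent field as null, and the sample identifiers are assumptions made for illustration.

```python
from typing import Any, Mapping, NamedTuple

# Hypothetical names: the claims do not name the fields of the task description file.
IMAGE_FIELD = "image"      # carries the "first identifier" of the image file
EXEC_FIELD = "command"     # the "executable file field"
UNAVAILABLE = "__UNSET__"  # constructed preset value meaning "unavailable" (claim 5)

# Constructed sample identifier, added to the whitelist only after the
# executable baked into that image has been judged secure (claim 1).
APPROVED_ID = "sha256:" + "a" * 64
WHITELIST = frozenset({APPROVED_ID})


class Decision(NamedTuple):
    admitted: bool
    reason: str


def exec_field_unset(task: Mapping[str, Any]) -> bool:
    """Claims 4 and 5: unset means a null value or the preset 'unavailable' value.

    An absent key is treated as null (assumption). Anything else, including
    "" or [], counts as set, so an ambiguous value fails closed.
    """
    value = task.get(EXEC_FIELD)
    return value is None or value == UNAVAILABLE


def admit(task: Mapping[str, Any], whitelist: frozenset = WHITELIST) -> Decision:
    """Admission-layer check, in the order claim 1 gives it."""
    image_id = task.get(IMAGE_FIELD)
    # Claim 3: an identifier that is not in the whitelist is rejected outright.
    if not isinstance(image_id, str) or image_id not in whitelist:
        return Decision(False, "image identifier not in whitelist")
    # Claim 6: a task that names its own executable would replace the vetted
    # one inside the image, so it is rejected even though the image is listed.
    if not exec_field_unset(task):
        return Decision(False, "task description specifies an executable")
    # Claim 8: only now is the file handed to the management layer.
    return Decision(True, "forward to management layer")


if __name__ == "__main__":
    for sample in (
        {"image": APPROVED_ID},
        {"image": APPROVED_ID, "command": ["/bin/sh", "-c", "id"]},
        {"image": "sha256:" + "b" * 64},
    ):
        print(admit(sample))
```

The second check is what makes the whitelist meaningful: a listed identifier vouches only for the executable inside the image, not for one supplied in the task description file.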
by checking file integrity · CPC title
by adding security routines or objects to programs · CPC title
Starting, stopping, suspending or resuming virtual machine instances · CPC title
Monitoring or debugging support · CPC title
by executing in a restricted environment, e.g. sandbox or secure virtual machine · CPC title