container based virtualization
play

Container-based virtualization Process-level Extensively used in - PowerPoint PPT Presentation

Aug 19, 2023 •30 likes •250 views

C NTR Lightweight OS Containers Jrg Thalheim, Pramod Bhatotia Pedro Fonseca Baris Kasikci USENIX ATC 2018 Container-based virtualization Process-level Extensively used in Lightweight virtualization production isolation Namespaces

  1. C NTR Lightweight OS Containers Jörg Thalheim, Pramod Bhatotia Pedro Fonseca Baris Kasikci USENIX ATC 2018

  2. Container-based virtualization Process-level Extensively used in Lightweight virtualization production isolation Namespaces Cgroups 2

  3. Why lightweight containers are important? ● Fast deployment ● Low resource usage ● Low build times 3

  4. Containers are NOT lightweight anymore! Case study: Top 50 Docker Hub container images Only 33% data was accessed Lower by the applications! is better Limitations: Inefficient development and deployment of containers 4

  5. Why containers are becoming heavyweight? Container Container Build description: Host image e.g. Dockerfile Application Additional tools (MySQL) (Coreutils, ...) Container images are large due to additional tools! 5

  6. Additional tools ● What are these additional tools? ○ Debuggers, editors, coreutils, shell, etc. ● Why are they important? ○ Debugging, inspection, monitoring, management, etc. Additional tools are NOT used in the common use case 6

  7. Cntr: Split container images Original image Slim image Fat image C NTR Slim container Fat container Provides access Runs the application Serves tools to the user Common use case Deployed on demand 7

  8. Design

  9. Design goals ● Generality ○ Support a wide range of workflows (debugging, inspection, etc.) ● Transparency ○ No modifications to the OS, container engine, and application ● Efficiency ○ No performance overhead on the application 9

  10. Overview User Fat container Slim container Nested App CntrFS Tools (MySQL) server namespace (Gdb, coreutils...) Access tools Access the application Access tools via FUSE 10

  11. Nested namespace / ● Nested namespace filesystem view var usr “Fat” image lib bin usr cntr gdb “Slim” image bin mysql ● Implemented on top of existing OS features ○ Namespaces ○ FUSE 11

  12. CntrFS Nested “Fat” CntrFS Process server namespace container User space System call Request Kernel space POSIX filesystem VFS FUSE API Process and CntrFS server can run in different namespaces (container) 12

  13. Implementation ● Lightweight deployment ○ Single 1.2 MB static binary ● Easy to use root@fat-container $ cntr attach slim-container ○ root@slim-container $ ● Supports all popular containers ○ Docker, LXC, LXD, Systemd-nspawn, rkt, etc. 13

  14. Evaluation

  15. Evaluation ● Questions: 1. Is the implementation complete? 2. What are the performance overheads? 3. How effective is the approach in reducing container image sizes? ● Experimental testbed: ○ M4.xlarge VM on EC2 ○ 100 GB device of type GP2 (SSD-backed network storage) ○ Base filesystem: Ext4 15

  16. #1: Completeness ● Benchmark: Xfstests regression test suite Tests Supported tests 94 90 (95.74%) ○ Unsupported tests are minor Linux-specific implementation details ○ 3 of 4 unsupported tests also don’t work on overlayfs (default on Docker) Cntr can already be used in production 16

  17. #2 (a): Overheads for the “slim” container 0% For the common use case of accessing the slim container 17

  18. #2 (b): Overheads for the “fat” container Phoronix test suite Lower 1.5x is better Cntr incurs reasonable overhead for management tasks 18

  19. #3: Effectiveness T o p 5 0 c o n t a i n e r s o n D o c k e r H u b Containers with static Go binaries Majority of containers contains unnecessary data Average reduction is 66% of the container size 19

  20. Demo!

  21. Demo setup “Slim” Host: Access container: NixOS Via C NTR Busybox $ sudo cntr attach mycontainer $ sudo docker run --name mycontainer busybox 21

  22. Summary ● Containers are NOT lightweight in practice ○ Limitation: Inefficient development and deployment of containers ● C NTR : Lightweight OS Containers ○ Splits the container image into fat and slim parts ○ Leverages FUSE to expose additional tools in a nested namespace Generic + Transparent + Efficient Try it out! https://github.com/Mic92/cntr 22

Recommend

Container-based Virtualization University of Amsterdam MSc. System & Network Engineering

Container-based Virtualization University of Amsterdam MSc. System & Network Engineering

Power Efficiency of Hypervisor and Container-based Virtualization University of Amsterdam MSc. System & Network Engineering Research Project II Jeroen van Kessel 02-02-2016 Supervised by: dr. ir. Arie Taal dr. Paola Grosso Significance

761 views • 26 slides
Container-based virtualization: Docker Corso di Sistemi Distribuiti e Cloud Computing A.A.

Container-based virtualization: Docker Corso di Sistemi Distribuiti e Cloud Computing A.A.

Universit degli Studi di Roma Tor Vergata Dipartimento di Ingegneria Civile e Ingegneria Informatica Container-based virtualization: Docker Corso di Sistemi Distribuiti e Cloud Computing A.A. 2018/19 Valeria Cardellini Case study:

979 views • 20 slides
Integrating container-based virtualization technologies into ARC-powered grid infrastructure

Integrating container-based virtualization technologies into ARC-powered grid infrastructure

Integrating container-based virtualization technologies into ARC-powered grid infrastructure Oleksandr Boretskyi, Oleksandr Bohomaz, Andrii Salnikov Taras Schevchenko National University of Kyiv e-mail: grid@grid.org.ua Koice 2016 Software

518 views • 15 slides
Container-based virtualization: Docker Corso di Sistemi Distribuiti e Cloud Computing A.A.

Container-based virtualization: Docker Corso di Sistemi Distribuiti e Cloud Computing A.A.

Macroarea di Ingegneria Dipartimento di Ingegneria Civile e Ingegneria Informatica Container-based virtualization: Docker Corso di Sistemi Distribuiti e Cloud Computing A.A. 2019/20 Valeria Cardellini Laurea Magistrale in Ingegneria

437 views • 21 slides
Convergence of your virtualization and container infrastructures with KubeVirt Fabian Deutsch,

Convergence of your virtualization and container infrastructures with KubeVirt Fabian Deutsch,

Convergence of your virtualization and container infrastructures with KubeVirt Fabian Deutsch, Red Hat, Virtualization & IaaS, FOSDEM 2018 1 Hello. Fedora user and former package maintainer oVirt and KubeVirt Contributor Working at Red

648 views • 42 slides
Network Virtualization What is Network Virtualization? Abstraction of the physical network

Network Virtualization What is Network Virtualization? Abstraction of the physical network

Network Virtualization What is Network Virtualization? Abstraction of the physical network Support for multiple logical networks running on a common shared physical substrate A container of network services Aspects of the

589 views • 21 slides
Evaluation of virtualization and traffic filtering methods for container networks ukasz

Evaluation of virtualization and traffic filtering methods for container networks ukasz

Evaluation of virtualization and traffic filtering methods for container networks ukasz Makowski Cees de Laat Paola Grosso makowski@uva.nl delaat@uva.nl pgrosso@uva.nl Our goal: Improving on scientific workloads Digital data sharing

251 views • 21 slides
Virtualization Virtualization Memory virtualization Process feels like it has its own

Virtualization Virtualization Memory virtualization Process feels like it has its own

4/25/08 Virtualization Virtualization Memory virtualization Process feels like it has its own address space Created by MMU, configured by OS Storage virtualization Logical view of disks connected to a machine External

441 views • 8 slides
AMD Pacifica Virtualization Technology AMD Unveils Virtualization Platform AMD Pacifica

AMD Pacifica Virtualization Technology AMD Unveils Virtualization Platform AMD Pacifica

AMD Pacifica Virtualization Technology AMD Unveils Virtualization Platform AMD Pacifica Tutorial 2 Virtual Machine Approaches Carve a Server into Many Virtual Machines Hosted Hypervisor-based Virtualization Virtualization App App

539 views • 18 slides
A Fault Tolerant Virtualization Server Based on Xen Jrgen Gro Virtualization Kernel

A Fault Tolerant Virtualization Server Based on Xen Jrgen Gro Virtualization Kernel

A Fault Tolerant Virtualization Server Based on Xen Jrgen Gro Virtualization Kernel Developer SUSE Linux GmbH, jgross@suse.com Status Quo Standard Xen Virtualization Server dom0 HVM pv Net- Block- xenstore qemu backend backend

421 views • 23 slides
Kata-Containers on openSUSE Ralf Haferkamp, Container Software Engineer, SUSE Dario Faggioli,

Kata-Containers on openSUSE Ralf Haferkamp, Container Software Engineer, SUSE Dario Faggioli,

Kata-Containers on openSUSE Ralf Haferkamp, Container Software Engineer, SUSE Dario Faggioli, Virtualization Software Engineer, SUSE What is Kata Containers A container runtime providing stronger isolation by using hardware virtualization

528 views • 15 slides
Virtualization in Fedora Virtualization in Fedora (KVM based) (KVM based) Kashyap Chamarthy

Virtualization in Fedora Virtualization in Fedora (KVM based) (KVM based) Kashyap Chamarthy

Virtualization in Fedora Virtualization in Fedora (KVM based) (KVM based) Kashyap Chamarthy Kashyap Chamarthy kashyapc@fedoraproject.org kashyapc@fedoraproject.org Outline 1/ Virtualization at a glance 2/ Overview of KVM based Virt 3/

151 views • 13 slides
Virtualization What is Virtualization? Virtualization is the simulation of the software and/

Virtualization What is Virtualization? Virtualization is the simulation of the software and/

Virtualization What is Virtualization? Virtualization is the simulation of the software and/ or hardware upon which other software runs. This simulated environment is called a virtual machine --Wikipedia 2 Computer Systems Arch.

1.26k views • 26 slides
diskimage-builder: Building Linux Images for Cloud / Virtualization / Container Lets start

diskimage-builder: Building Linux Images for Cloud / Virtualization / Container Lets start

diskimage-builder: Building Linux Images for Cloud / Virtualization / Container Lets start with a little bit of history: Once upon a time... About the Author Andreas Florath andreas@florath.net Mathematician (RWTH Aachen) Currently

902 views • 27 slides
DISASTER RELIEF CENTER 2x Accommodation Container 2x Sanitary Container 1x

DISASTER RELIEF CENTER 2x Accommodation Container 2x Sanitary Container 1x

DISASTER RELIEF CENTER 2x Accommodation Container 2x Sanitary Container 1x Galley Container 1x Medical Container 1x Feed Water Container 1x Water Treatment Container 2x Generator Container 1x

569 views • 8 slides
A Gentle Introduction to Container-based CI for Coq projects rik Martin-Dorel ACADIE team /

A Gentle Introduction to Container-based CI for Coq projects rik Martin-Dorel ACADIE team /

Introduction to Container-based CI/CD Presentation of docker-coq About docker-keeper and concluding remarks A Gentle Introduction to Container-based CI for Coq projects rik Martin-Dorel ACADIE team / IRIT lab. / Univ. Toulouse III - Paul

524 views • 25 slides
Adding virtualization support in MIPS 4Kc-based MPSoCs Omitted for blind review occupation.

Adding virtualization support in MIPS 4Kc-based MPSoCs Omitted for blind review occupation.

Adding virtualization support in MIPS 4Kc-based MPSoCs Omitted for blind review occupation. Experiments demonstrate the overhead of the Abstract Virtualization has emerged as a feasible technique for Embedded Systems, providing safer

237 views • 7 slides
Virtualization and SDN Applications 2 Virtualization Network Virtualization Sharing

Virtualization and SDN Applications 2 Virtualization Network Virtualization Sharing

4/1/2013 Virtualization and SDN Applications 2 Virtualization Network Virtualization Sharing physical hardware or software resources by Share physical network resources to form multiple multiple users and/or use cases diverse virtual

511 views • 5 slides
4/22/2009 Virtualization Memory virtualization Process feels like it has its own address

4/22/2009 Virtualization Memory virtualization Process feels like it has its own address

4/22/2009 Virtualization Memory virtualization Process feels like it has its own address space Created by MMU, configured by OS Distributed Systems Storage virtualization Logical view of disks connected to a machine

407 views • 3 slides
Virtualization. A dream within a dream Type 1 Virtualization Hypervisor run on bare

Virtualization. A dream within a dream Type 1 Virtualization Hypervisor run on bare

Virtualization. A dream within a dream Type 1 Virtualization Hypervisor run on bare metal. Dedicated virtualization machine. Higher performance. Typical for servers. Type 2 Virtualization Hypervisor sits on

571 views • 17 slides
Virtualization and Containerization What is Virtualization? What is Containerization? What does

Virtualization and Containerization What is Virtualization? What is Containerization? What does

Virtualization and Containerization What is Virtualization? What is Containerization? What does this do for us? Virtual Machines: Terminology Types of Hypervisors VirtualBox and VMWare

2.8k views • 30 slides
Container Library and FUSE Container File System Softwarepraktikum f ur Fortgeschrittene

Container Library and FUSE Container File System Softwarepraktikum f ur Fortgeschrittene

Introduction Container Library Container Tools FUSE Container File System Evaluation Container Library and FUSE Container File System Softwarepraktikum f ur Fortgeschrittene Michael Kuhn Parallele und Verteilte Systeme Institut f ur

353 views • 22 slides
Virtualization Technology Zhiming Shen Virtualization: rejuvenation 1960s: first track of

Virtualization Technology Zhiming Shen Virtualization: rejuvenation 1960s: first track of

Virtualization Technology Zhiming Shen Virtualization: rejuvenation 1960s: first track of virtualization Time and resource sharing on expensive mainframes IBM VM/370 Late 1970s and early 1980s: became unpopular Cheap

924 views • 34 slides
Virtualization of Linux based computers: Virtualization of Linux based computers: the Linux-

Virtualization of Linux based computers: Virtualization of Linux based computers: the Linux-

Virtualization of Linux based computers: Virtualization of Linux based computers: the Linux- -VServer project VServer project the Linux Beno t des Ligneris, Ph. D. t des Ligneris, Ph. D. Beno Benoit.des.Ligneris@RevolutionLinux.com

2.37k views • 198 slides

More recommend