OS Virtualization. Linux Containers (LXC)

Similar documents
Types of Virtualization. Types of virtualization

Module 1: Virtualization. Types of Interfaces

Container Adoption for NFV Challenges & Opportunities. Sriram Natarajan, T-Labs Silicon Valley Innovation Center

Deployment Patterns using Docker and Chef

Multiprocessor Scheduling. Multiprocessor Scheduling

OS Containers. Michal Sekletár November 06, 2016

Introduction to Virtualization and Containers Phil Hopkins

Travis Cardwell Technical Meeting

Linux Containers Roadmap Red Hat Enterprise Linux 7 RC. Bhavna Sarathy Senior Technology Product Manager, Red Hat

RDMA Container Support. Liran Liss Mellanox Technologies

SAINT LOUIS JAVA USER GROUP MAY 2014

Spring 2017 :: CSE 506. Introduction to. Virtual Machines. Nima Honarmand

Virtualizaton: One Size Does Not Fit All. Nedeljko Miljevic Product Manager, Automotive Solutions MontaVista Software

ISLET: Jon Schipp, AIDE jonschipp.com. An Attempt to Improve Linux-based Software Training

Flip the Switch to Container-based Clouds

An introduction to Docker

1 Virtualization Recap

Threads. CS3026 Operating Systems Lecture 06

[Docker] Containerization

Distributed Systems Principles and Paradigms

Introduction to Container Technology. Patrick Ladd Technical Account Manager April 13, 2016

Windows Azure Services - At Different Levels

Faculté Polytechnique

Lecture 5: February 3

CS 470 Spring Virtualization and Cloud Computing. Mike Lam, Professor. Content taken from the following:

Alternatives to Solaris Containers and ZFS for Linux on System z

Verteilte Systeme (Distributed Systems)

IBM Bluemix compute capabilities IBM Corporation

For use by students enrolled in #71251 CSE430 Fall 2012 at Arizona State University. Do not use if not enrolled.

High Performance Containers. Convergence of Hyperscale, Big Data and Big Compute

Docker A FRAMEWORK FOR DATA INTENSIVE COMPUTING

Using Linux Containers as a Virtualization Option

The four forces of Cloud Native

Lecture 09: VMs and VCS head in the clouds

Distributed Systems COMP 212. Lecture 18 Othon Michail

Docker for HPC? Yes, Singularity! Josef Hrabal

Operating Systems 4/27/2015

DISTRIBUTED SYSTEMS Principles and Paradigms Second Edition ANDREW S. TANENBAUM MAARTEN VAN STEEN. Chapter 3 Processes

CS-580K/480K Advanced Topics in Cloud Computing. Container III

I/O and virtualization

Cloud I - Introduction

COS 318: Operating Systems. Virtual Machine Monitors

Introduction to containers

for Kerrighed? February 1 st 2008 Kerrighed Summit, Paris Erich Focht NEC

Distributed File Systems

ECE519 Advanced Operating Systems

LINUX Virtualization. Running other code under LINUX

VM Migration, Containers (Lecture 12, cs262a)

CS 350 Winter 2011 Current Topics: Virtual Machines + Solid State Drives

Introduction to Containers

OS Security III: Sandbox and SFI

Threads Implementation. Jin-Soo Kim Computer Systems Laboratory Sungkyunkwan University

Docker and Oracle Everything You Wanted To Know

Docker Deep Dive. Daniel Klopp

Mesosphere and the Enterprise: Run Your Applications on Apache Mesos. Steve Wong Open Source Engineer {code} by Dell

IBM Research Report. A Comparison of Virtualization Technologies for Use in Cloud Data Centers

Operating Systems: Internals and Design Principles. Chapter 2 Operating System Overview Seventh Edition By William Stallings

Building A Better Test Platform:

EE 660: Computer Architecture Cloud Architecture: Virtualization

STATUS OF PLANS TO USE CONTAINERS IN THE WORLDWIDE LHC COMPUTING GRID

docker & HEP: containerization of applications for development, distribution and preservation

Parallels Virtuozzo Containers

MultiLanes: Providing Virtualized Storage for OS-level Virtualization on Many Cores

Multitiered Architectures & Cloud Services. Benoît Garbinato

Virtualization. Michael Tsai 2018/4/16

CSC 5930/9010 Cloud S & P: Virtualization

e-pg Pathshala Subject: Computer Science Paper: Cloud Computing Module 23: Virtualization II Module No: CS/CC/23 Quadrant 1 e-text

Performance Evaluation of Virtualization Technologies

Virtualization. Santa Clara Valley Chapter of the IEEE Communication Society June 20, 2007 Scott Lurndal, 3Leaf Systems

Docker und IBM Digital Experience in Docker Container

Processes. CS3026 Operating Systems Lecture 05

Exercise (could be a quiz) Solution. Concurrent Programming. Roadmap. Tevfik Koşar. CSE 421/521 - Operating Systems Fall Lecture - IV Threads

Container-Native Storage

개발자와운영자를위한 DevOps 플랫폼 OpenShift Container Platform. Hyunsoo Senior Solution Architect 07.Feb.2017

Kubernetes Integration with Virtuozzo Storage

Last class: Today: CPU Scheduling. CPU Scheduling Algorithms and Systems

Motivation. Threads. Multithreaded Server Architecture. Thread of execution. Chapter 4

Think Small to Scale Big

Operating System Architecture. CS3026 Operating Systems Lecture 03

Operating Systems: Internals and Design Principles. Chapter 4 Threads Seventh Edition By William Stallings

Operating system hardening

Midterm Presentation Schedule

Comparative Analysis on Docker and Virtual Machine in Cloud Computing

CSCE 410/611: Virtualization

Chapter 4 Threads, SMP, and

Nested Virtualization and Server Consolidation

ISSN (Online)

Lecture 17: Threads and Scheduling. Thursday, 05 Nov 2009

Using MySQL in a Virtualized Environment. Scott Seighman Systems Engineer Sun Microsystems

Chapter 5 C. Virtual machines

Chapter 4: Multithreaded Programming. Operating System Concepts 8 th Edition,

WebLogic Server- Tips & Tricks for Troubleshooting Performance Issues. By: Abhay Kumar AST Corporation

Process Description and Control

Virtual Machine Monitors!

CHAPTER 16 - VIRTUAL MACHINES

InterSystems Cloud Manager & Containers for InterSystems Technologies. Luca Ravazzolo Product Manager

Table of Contents 1.1. Introduction. Overview of vsphere Integrated Containers 1.2

EBOOK DATABASE CONSIDERATIONS FOR DOCKER

Shared File System Requirements for SAS Grid Manager. Table Talk #1546 Ben Smith / Brian Porter

Container-based virtualization: Docker

Transcription:

OS Virtualization Emulate OS-level interface with native interface Lightweight virtual machines No hypervisor, OS provides necessary support Referred to as containers Solaris containers, BSD jails, Linux containers Lecture 4, page 31 Linux Containers (LXC) Containers share OS kernel of the host OS provides resource isolation Benefits Fast provisioning, bare-metal like performance, lightweight Material courtesy of Realizing Linux Containers by Boden Russell, IBM Lecture 4, page 32

OS Mechanisms for LXC OS mechanisms for resource isolation and management namespaces: process-based resource isolation Cgroups: limits, prioritization, accounting, control chroot: apparent root directory Linux security module, access control Tools (e.g., docker) for easy management Lecture 4, page 33 Linux Namespaces Namespace: restrict what can a container see? Provide process level isolation of global resources Processes have illusion they are the only processes in the system MNT: mount points, file systems (what files, dir are visible)? PID: what other processes are visible? NET: NICs, routing Users: what uid, gid are visible? chroot: change root directory Lecture 4, page 34

Linux cgroups Resource isolation what and how much can a container use? Set upper bounds (limits) on resources that can be used Fair sharing of certain resources Examples: cpu: weighted proportional share of CPU for a group cpuset: cores that a group can access block io: weighted proportional block IO access memory: max memory limit for a group Lecture 4, page 35 Proportional Share Scheduling Uses a variant of proportional-share scheduling Share-based scheduling: Assign each process a weight w_i (a share ) Allocation is in proportional to share fairness: reused unused cycles to others in proportion to weight Examples: fair queuing, start time fair queuing Hard limits: assign upper bounds (e.g., 30%), no reallocation Credit-based: allocate credits every time T, can accumulate credits, and can burst up-to credit limit can a process starve other processes? Lecture 4, page 36

Share-based Schedulers Lecture 4, page 37 Putting it all together Images: files/data for a container can run different distributions/apps on a host Linux security modules and access control Linux capabilities: per process privileges Lecture 4, page 38

Docker and Linux Containers Linux containers are a set of kernel features Need user space tools to manage containers Virtuoze, OpenVZm, VServer,Lxc-tools, Wardenm Docker What does Docker add to Linux containers? Portable container deployment across machines Application-centric: geared for app deployment Automatic builds: create containers from build files Component re-use Docker containers are self-contained: no dependencies Lecture 4, page 39 Docker Docker uses Linux containers Lecture 4, page 40

LXC Virtualization Using Docker Portable: docker images run anywhere docker runs Docker decouples LXC provider from operations uses virtual resources (LXC virtualization) fair share of physical NIC vs use virtual NICs that are fairshared Lecture 4, page 41 Docker Images and Use Docker uses a union file system (AuFS) allows containers to use host FS safely Essentially a copy-on-write file system read-only files shared (e.g., share glibc) make a copy upon write Allows for small efficient container images Docker Use Cases Run once, deploy anywhere Images can be pulled/pushed to repository Containers can be a single process (useful for microservices) or a full OS Lecture 4, page 42

Use of Virtualization Today Data centers: server consolidation: pack multiple virtual servers onto a smaller number of physical server saves hardware costs, power and cooling costs Cloud computing: rent virtual servers cloud provider controls physical machines and mapping of virtual servers to physical hosts User gets root access on virtual server Desktop computing: Multi-platform software development Testing machines Run apps from another platform Lecture 4, page 43 Case Study: PlanetLab Distributed cluster across universities Used for experimental research by students and faculty in networking and distributed systems Uses a virtualized architecture Linux Vservers Node manager per machine Obtain a slice for an experiment: slice creation service Lecture 4, page 44

Server Design Issues Server Design Iterative versus concurrent How to locate an end-point (port #)? Well known port # Directory service (port mapper in Unix) Super server (inetd in Unix) CS677: Distributed OS Lecture 7, page 2

Stateful or Stateless? Stateful server Maintain state of connected clients Sessions in web servers Stateless server No state for clients Soft state Maintain state for a limited time; discarding state does not impact correctness CS677: Distributed OS Lecture 7, page 3

Server Clusters Web applications use tiered architecture Each tier may be optionally replicated; uses a dispatcher Use TCP splicing or handoffs CS677: Distributed OS Lecture 7, page 4

Server Architecture Sequential Serve one request at a time Can service multiple requests by employing events and asynchronous communication Concurrent Server spawns a process or thread to service each request Can also use a pre-spawned pool of threads/processes (apache) Thus servers could be Pure-sequential, event-based, thread-based, process-based Discussion: which architecture is most efficient? CS677: Distributed OS Lecture 7, page 5

Scalability Question:How can you scale the server capacity? Buy bigger machine! Replicate Distribute data and/or algorithms Ship code instead of data Cache CS677: Distributed OS Lecture 7, page 6

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback