Virtualization which isn't LXC (Linux Containers) Dobrica Pavlinušić DORS/CLUC, Zagreb, 2011-05-16.

Slides:



Advertisements
Similar presentations
With ovirt & virt manager
Advertisements

Applications of Feather-Weight Virtual Machines (FVMs) Hadi Salimi Distributed Systems Lab, School of Computer Engineering, Iran University of Science.
Operating System Level Virtualization Reza Farivar.
Virtual Machine Technology Dr. Gregor von Laszewski Dr. Lizhe Wang.
Lightweight virtual system mechanism Gao feng
NWCLUG 01/05/2010 Jared Moore Xen Open Source Virtualization.
PlanetLab Operating System support* *a work in progress.
Xen Virtualization Andrew Hamilton
Performance Evaluation of Open Virtual Routers M.Siraj Rathore
VIRTUALIZATION WITH SOLARIS A.V.Bogdanov, PyaeSoneKoKo State Marine Technical University, St.petersburg.
KVM and Container Performance and Isolation Deep Dive.
Network Implementation for Xen and KVM Class project for E : Network System Design and Implantation 12 Apr 2010 Kangkook Jee (kj2181)
Container-based OS Virtualization A Scalable, High-performance Alternative to Hypervisors Stephen Soltesz, Herbert Pötzl, Marc Fiuczynski, Andy Bavier.
To run the program: To run the program: You need the OS: You need the OS:
Condor Project Computer Sciences Department University of Wisconsin-Madison Virtual Machines in Condor.
Jaime Frey Computer Sciences Department University of Wisconsin-Madison Virtual Machines in Condor.
IT:Network:Applications Fall  Running one “machine” inside another “machine”  OS in Virtual machines sees ◦ CPU(s) ◦ Memory ◦ Disk ◦ USB ◦ etc.
Tanenbaum 8.3 See references
An Introduction to Xen Prof. Chih-Hung Wu
Hosting Virtual Networks on Commodity Hardware VINI Summer Camp.
Microkernels, virtualization, exokernels Tutorial 1 – CSC469.
OpenVZ Live Migration Jim Owens. Overview Review of OpenVZ Features Resource management Installation VM creation VM management Checkpointing Migration.
Eric Keller, Evan Green Princeton University PRESTO /22/08 Virtualizing the Data Plane Through Source Code Merging.
© 2010 IBM Corporation Plugging the Hypervisor Abstraction Leaks Caused by Virtual Networking Alex Landau, David Hadas, Muli Ben-Yehuda IBM Research –
Section 3.1: Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random.
The Linux /proc Filesystem CSE8343 – Fall 2001 Group A1 – Alex MacFarlane, Garrick Williamson, Brad Crabtree.
A RedStack Technology Company Oracle EMEA Database Partner of the Year Oracle Partner of the year 2010 & (0)
Recent advances in the Linux kernel resource management Kir Kolyshkin, OpenVZ
Xen Basics A Primer for the CPS 110 Programming Assignments Angela Dalton.
Operating Systems of The Future ( and Plan 9 ) Shilad Sen – April 26 th, 2007.
Introduction to virtualization
1 Isolating Web Programs in Modern Browser Architectures CS6204: Cloud Environment Spring 2011.
Docker and Container Technology
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Docker Overview Automating.
VM vs Container Xen, KVM, VMware, etc. Hardware emulation / paravirtualization Can run different OSs on the same box Dozens of instances OS sprawl problem.
Virtualization Redefined: Embedded virtualization through CGE7 and Docker. Paul Farmer Technical Solutions Engineering Manager MontaVista Software
Virtuozzo 4.0 Carla Safigan Virtuozzo Marketing Jack Zubarev COO.
Intro To Virtualization Mohammed Morsi
CLUG TALK Virtualbox Tuesday, 29 September 2009 One of the Jonathans.
Virtualization Neependra Khare
1 Virtualization in Linux © Copyright 2008, Free Electrons Creative Commons Attribution-ShareAlike 3.0 license 9/30/2016 Virtualization.
9/30/2016 OpenVZ: Linux Containers Kir Kolyshkin LinuxCon 2009, Portland.
Containers vs Others Xen, VMware, etc. ● Emulation/paravirtualization ● Can run different OSs on the same box ● Lower density/scalability ● OS sprawl problem.
An overview of OpenVZ virtualization technology Kir Kolyshkin OpenVZ project manager Gelato ICE 17 Apr 2007.
Daniel P. Berrangé KVM Forum Vancouver, libvirt: Why it exists ● Stable: isolation from HV API changes ● Standard: portable across HV ● Simple:
VM vs Container Xen, KVM, VMware, etc. ● Hardware emulation / paravirtualization ● Can run different OSs on the same box ● Dozens of instances ● OS sprawl.
Seven Problems of Linux Containers
Introduction to Virtualization
Virtualization in Grid Rock
CSC227: Operating Systems
CSC 482/582: Computer Security
Red Hat partner event The evolution of Linux – From containers to OpenShift PaaS & how to get started Kristijan Walter, Presales engineer Veracomp d.o.o.
Application Sandboxes
London OpenStack Meetup, July 2012 libvirt & KVM with OpenStack Nova
Containers: The new network endpoint
Linux Containers Overview & Roadmap
Container-based Operating System Virtualization: A scalable, High-performance Alternative to Hypervisors Stephen Soltesz, Herbert Potzl, Marc E. Fiuczynski,
Enrico Bonaccorsi, (CERN) Loic Brarda, (CERN) Gary Moine, (CERN)
Application images and atomic updates
Practical Applications of Virtualization
Containers and Virtualisation
Virtualization overview
NetBSD and Linux as Xen-Guest Christoph Egger
XenFS Sharing data in a virtualised environment
Running other code under LINUX
CIT 480: Securing Computer Systems
Hands-On Virtualization in the Classroom
OS Virtualization.
Intro about Contanier and Docker Technology
Presentation transcript:

Virtualization which isn't LXC (Linux Containers) Dobrica Pavlinušić DORS/CLUC, Zagreb,

Content ● Virtualizations ● Vserver, Xen, OpenVZ, sVirt, LXC ● KVM, VirtualBox, VMWare ● cgroup ● Linux Containers

Virtualization overview ● Xen ● Separate host i guest kernel (dom0, domU) ● Not upstream, massive duplication of kernel code ● Linux Vserver, OpenVZ (Virtuozzo), sVirt (SELinux based) ● Single kernel, out-of-tree patches ● Linux Containers - LXC ● chroot on steroids, based on cgroup Linux support ● Part of standard kernel, based on things you already know! ● Full-system virtualization: KVM, VirtualBox, VMWare ● But you can run LXC inside them! (e.g. EC2)

cgroup ● Process namespace in kernel ● Devices (even X11 in LXC!) ● CPU (sched, cpu account, cpuset) - NUMA ● Memory (not in Debian's kernel) ● Block I/O scheduling, limits ● Linus' magic patch ● Setsid create new scheduler entry ● Used by Google Chrome, systemd...

Linux containers - LXC lxc- checkconfig Kernel config /proc/config.gz not found, looking in other places... Found kernel config file /boot/config Namespaces --- Namespaces: enabled Utsname namespace: enabled Ipc namespace: enabled Pid namespace: enabled User namespace: enabled Network namespace: enabled Multiple /dev/pts instances: enabled --- Control groups --- Cgroup: enabled Cgroup namespace: enabled Cgroup device: enabled Cgroup sched: enabled Cgroup cpu account: enabled Cgroup memory controller: missing Cgroup cpuset: enabled --- Misc --- Veth pair device: enabled Macvlan: enabled Vlan: enabled File capabilities: missing ls lxc-* lxc-checkconfig lxc-execute lxc-start lxc-stop lxc-info lxc-console lxc-create lxc-destroy lxc-ls lxc-ps lxc-netstat lxc-restart lxc-cgroup lxc-freeze lxc-kill lxc-monitor lxc-setcap lxc-setuid lxc-unfreeze lxc-unshare lxc-version Lxc-wait lxc-attach lxc-checkpoint

LXC: Network ● veth ● Bridge on host, (virtual) device inside container ● vlan ● Select packets by IP address ● macvlan ● Select packets by MAC address ● phys ● Move host interface inside container (routing fun!) ● Empty ● Only loopback

LXC: limit resources ● Cores ● lxc.cgroup.cpuset.cpus=1,2,3 ● CPU share ● lxc.cgroup.cpu.shares=1024 # default ● Memory usage (!Debian) ● lxc.cgroup.memory.limit_in_bytes = 256M ● lxc.cgroup.memory.memsw.limit_in_bytes = 1G ● Disk (blkio) ● Disk space – standard LVM, quota... ● echo 100 > /cgroup/disk1/blkio.weight # XXX < 1000 ! ● echo "3: " > /cgroup/disk1/blkio.throttle.read_bps_device

Start LXC container ● Start single process in container ● lxc-execute -n container -- /bin/bash ● Whole operating system ● Mounting filesystems, etc from config file ● Application is /bin/init ● lxc-start -n container ● lxc-console -n container ● lxc-stop -n container

Templates: lxc-create # /usr/lib/lxc/templates/ export MIRROR= rg export SUITE=lenny cat /tmp/lenny.conf lxc.network.type=veth lxc.network.link=br0 lxc.network.flags=up EOF t61p:~# lxc-create -n lenny -t debian -f /tmp/lenny.conf

Container overview ● /var/lib/lxc/container/config ● Familiar commands ● lxc-ls ● lxc-info ● lxc-ps ● lxc-netstat ● htop --enable-group > r192 ● /proc inside contauner isn't fully isolated! ● Depends on namespace support in kernel

Under construction ● Still not in: Linux ● lxc-attach ● Attach process (bash) inside running container ● Needed to set default route outside container ● lxc-checkpoint ● Similar to lxc-(un)freeze with checkpoint to disk ●

LXC summary ● Isolate ● one application – lxc-execute ● whole OS – lxc-start ● use templates (lxc-create) ● Familiar Linux networking (bridges) ● Limiting features varies (kernel config/version) ● Ready to use today!

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.