My VM is Lighter (and Safer) than your Container
Open Access
- 14 October 2017
- conference paper
- conference paper
- Published by Association for Computing Machinery (ACM)
Abstract
Containers are in great demand because they are lightweight when compared to virtual machines. On the downside, containers offer weaker isolation than VMs, to the point where people run containers in virtual machines to achieve proper isolation. In this paper, we examine whether there is indeed a strict tradeoff between isolation (VMs) and efficiency (containers). We find that VMs can be as nimble as containers, as long as they are small and the toolstack is fast enough. We achieve lightweight VMs by using unikernels for specialized applications and with Tinyx, a tool that enables creating tailor-made, trimmed-down Linux virtual machines. By themselves, lightweight virtual machines are not enough to ensure good performance since the virtualization control plane (the toolstack) becomes the performance bottleneck. We present LightVM, a new virtualization solution based on Xen that is optimized to offer fast boot-times regardless of the number of active VMs. LightVM features a complete redesign of Xen's control plane, transforming its centralized operation to a distributed one where interactions with the hypervisor are reduced to a minimum. LightVM can boot a VM in 2.3ms, comparable to fork/exec on Linux (1ms), and two orders of magnitude faster than Docker. LightVM can pack thousands of LightVM guests on modest hardware with memory and CPU usage comparable to that of processes.Keywords
Funding Information
- Horizon 2020 (671566)
This publication has 15 references indexed in Scilit:
- Swift Birth and Quick DeathPublished by Association for Computing Machinery (ACM) ,2017
- Unikernels EverywherePublished by Association for Computing Machinery (ACM) ,2017
- Dynamic Computation Offloading for Mobile-Edge Computing With Energy Harvesting DevicesIEEE Journal on Selected Areas in Communications, 2016
- Unikernels: Rise of the Virtual Library Operating SystemQueue, 2013
- Making middleboxes someone else's problemPublished by Association for Computing Machinery (ACM) ,2012
- Breaking up is hard to doPublished by Association for Computing Machinery (ACM) ,2011
- The Case for VM-Based Cloudlets in Mobile ComputingIEEE Pervasive Computing, 2009
- SnowFlockPublished by Association for Computing Machinery (ACM) ,2009
- Xen and the art of virtualizationACM SIGOPS Operating Systems Review, 2003
- ExokernelPublished by Association for Computing Machinery (ACM) ,1995