2,272 research outputs found
Performance Evaluation of Microservices Architectures using Containers
Microservices architecture has started a new trend for application
development for a number of reasons: (1) to reduce complexity by using tiny
services; (2) to scale, remove and deploy parts of the system easily; (3) to
improve flexibility to use different frameworks and tools; (4) to increase the
overall scalability; and (5) to improve the resilience of the system.
Containers have empowered the usage of microservices architectures by being
lightweight, providing fast start-up times, and having a low overhead.
Containers can be used to develop applications based on monolithic
architectures where the whole system runs inside a single container or inside a
microservices architecture where one or few processes run inside the
containers. Two models can be used to implement a microservices architecture
using containers: master-slave, or nested-container. The goal of this work is
to compare the performance of CPU and network running benchmarks in the two
aforementioned models of microservices architecture hence provide a benchmark
analysis guidance for system designers.Comment: Submitted to the 14th IEEE International Symposium on Network
Computing and Applications (IEEE NCA15). Partially funded by European
Research Council (ERC) under the European Union's Horizon 2020 research and
innovation programme (grant agreement No 639595) - HiEST Projec
Real-Time Containers: A Survey
Container-based virtualization has gained a significant importance in a deployment of software applications in cloud-based environments. The technology fully relies on operating system features and does not require a virtualization layer (hypervisor) that introduces a performance degradation. Container-based virtualization allows to co-locate multiple isolated containers on a single computation node as well as to decompose an application into multiple containers distributed among several hosts (e.g., in fog computing layer). Such a technology seems very promising in other domains as well, e.g., in industrial automation, automotive, and aviation industry where mixed criticality containerized applications from various vendors can be co-located on shared resources.
However, such industrial domains often require real-time behavior (i.e, a capability to meet predefined deadlines). These capabilities are not fully supported by the container-based virtualization yet. In this work, we provide a systematic literature survey study that summarizes the effort of the research community on bringing real-time properties in container-based virtualization. We categorize existing work into main research areas and identify possible immature points of the technology
nsroot: Minimalist Process Isolation Tool Implemented With Linux Namespaces
Data analyses in the life sciences are moving from tools run on a personal
computer to services run on large computing platforms. This creates a need to
package tools and dependencies for easy installation, configuration and
deployment on distributed platforms. In addition, for secure execution there is
a need for process isolation on a shared platform. Existing virtual machine and
container technologies are often more complex than traditional Unix utilities,
like chroot, and often require root privileges in order to set up or use. This
is especially challenging on HPC systems where users typically do not have root
access. We therefore present nsroot, a lightweight Linux namespaces based
process isolation tool. It allows restricting the runtime environment of data
analysis tools that may not have been designed with security as a top priority,
in order to reduce the risk and consequences of security breaches, without
requiring any special privileges. The codebase of nsroot is small, and it
provides a command line interface similar to chroot. It can be used on all
Linux kernels that implement user namespaces. In addition, we propose combining
nsroot with the AppImage format for secure execution of packaged applications.
nsroot is open sourced and available at: https://github.com/uit-no/nsroo
- …