Containerize vs Virtualize

OSCON Summer 2009 cyberstalk : irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon irving + andy Virtualize or Containerize?

OSCON Summer 2009 Hello Portland!

OSCON Summer 2009 Hello San Jose!

OSCON Summer 2009 cyberstalk : irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon irving + andy Virtualize or Containerize?

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Agenda 1. Why we're here 2. Act I - Virtualize or Containerize (aka "So, you're a provider...") 1. Define and Differentiate 2. State of the Art -> dealbreakers + dealmakers 3. Act II - The Trouble with Clouds (aka "So you're looking to buy?") 1. A Market for Lemons 2. How it's hurting consumers 3. Wouldn't it be cool if... 4. Further resources 5. Get in touch...

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Containerization: Now you can handle the truth Now that we all know + love virtualization, it's easier to wrap our brains around containerization
Reminder: Virtualization is everywhere, even when you don't know it.
Amazon EC2, Xen, Vmware... Perhaps you've heard of them?
Containerization branding chaos.
Mediatemple, Dreamhost, Dotster... Perhaps you've heard of them?

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Why we're here Irving said blasphemous things about virtualization in IRC.

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Containerization: Is that even a thing?

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Rollcall Virtualization users and their admirers

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Rollcall Containerization users and their admirers

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Act I Virtualize vs. Containerize: Define + Differentiate So, you're a provider...

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Before we begin, assumptions Our focus: x86 Server Market Open Source Operating Systems Open Source & Web Application stacks Yes, we know that: Virtualization actually kicked off in the 1970s Mainframe world. Things are different when you bring Windows into the picture. If you want to discuss Windows, Mainframes, etc, you may be at the wrong talk.

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Virtualization Explained Virtualization in a Nutshell:
A software technique used to separate an Operating System from Physical Resources
The virtualization "host" presents a complete set of hardware (CPU, memory, disk, devices) to the "guest", fooling the guest into thinking it is running on real hardware
Analogy: The Matrix

Examples
VMware (Full Virtualization)
Xen (Paravirtualization)
KVM (Paravirtualization)
Virtualbox (Full Virtualization)

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Virtualization Explained (cont.) Advantages:
System Consolidation
System Protection
Simplicity - Run any x86 OS!
Disadvantage:
CPU Performance
Memory Performance
IO Performance
Noticing a trend? Expensive translation Scheduler Contention

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Containerization: The Difference is found in the Translation Virtualization (much must be translated) Containerization (It's all native)

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? The Alien is the Guest, the Human is the Host *Except when you containerize, then a Human is both the Guest and Host

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Containerization: Tools like OpenVZ are already packaged with or for your favorite distro

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Containerization Explained Containerization in a Nutshell
Also called Operating System-level virtualization, the host and guests all share a single kernel
Essentially, virtualization in user-land
Single kernel provides greater control of guests, yet thinner separation between guests
Some ability to run different OS distributions
Popular Ones
OpenVZ (Linux)
Linux-Vserver
FreeBSD Jails
Solaris Containers

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Containerization Explained (cont.) Advantages
Fat-free Virtualization
IO and Memory Performance levels similar to native operation
CPU Scalability - no "virtual SMP" limits
Resource Control and Constraints
Disadvantages
Guests must be same Kernel rev/arch as Host
“ Enterprise Functionality” is a mixed bag

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Neat Containerization Tricks Tighter relationship between Host and Guest allows you to:
Easily Administer Guests from the Host (Change IP, Change Passwords, etc)
Easily Access the Filesystem of Guests from the Host
Share identical memory between Guests and the Host
Super-easy Template usage and creation
Very fine grained resource limits

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Command-Line Examples List vzlist -a CTID NPROC STATUS IP_ADDR HOSTNAME 1 35 running 10.101.60.79 localhost 101 8 running 10.101.66.1 ct101.swsoft.com 102 7 running 10.101.66.159 ct102.swsoft.com 103 - stopped 10.101.66.103 ct103.swsoft.com Enter container:~# vzctl enter 100 entered into VE 100 root@www:/# Change User Password vzctl set 100 --save --userpassword apache:secretpassword! Change DNS Server vzctl set 100 --save --nameserver 192.168.0.2

irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon ONBOOT="yes" VE_ROOT="/var/lib/vz/root/$VEID" VE_PRIVATE="/var/lib/vz/private/$VEID" OSTEMPLATE="ubuntu-8.04-amd64-minimal" ORIGIN_SAMPLE="vps.basic" HOSTNAME="www.example.com" IP_ADDRESS="192.168.0.220" NAMESERVER="192.168.0.10" NOATIME="yes" DISKSPACE="10485760:11530240" DISKINODES="200000:220000" QUOTATIME="0" CPUUNITS="1000" OpenVZ Config Example VITALS QUOTAS Virtualize or Containerize?

irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon KMEMSIZE LOCKEDPAGES PRIVVMPAGES SHMPAGES NUMPROC PHYSPAGES VMGUARPAGES OOMGUARPAGES NUMTCPSOCK NUMFLOCK You Want Fine Grained Resource Limits? NUMPTY NUMSIGINFO TCPSNDBUF TCPRCVBUF OTHERSOCKBUF DGRAMRCVBUF NUMOTHERSOCK DCACHESIZE NUMFILE AVNUMPROC NUMIPTENT You got em. Hard and Soft limits for all. Virtualize or Containerize?

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Who were Popek and Goldberg? Published a famous paper in 1974 called "Formal Requirements for Virtualizable Third Generation Architectures". The fundamentals are still relevant today. Equivalence A program running under the VMM should exhibit a behavior essentially identical to that demonstrated when running on an equivalent machine directly. Resource control The VMM must be in complete control of the virtualized resources. Efficiency A statistically dominant fraction of machine instructions must be executed without VMM intervention.

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Convergent Evolution (Or something...)

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Convergent Evolution... Or Common Management Layer libvirt?

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? What's best for you? It depends on who you are.

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? How the heck do we describe ourselves?
buyers?
sellers?
administrators?
administrator and user?!?!
providers?
users?
developers?
just need to run a dang app?

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? The big buckets
Selling infrastructure or applications on top of infrastructure to people outside your organization
Providing infrastructure, or applications on top of an infrastructure, within your organization/company
Your own customer
a dev/groups of devs managing your own production/dev/QA server
using an app that needs infrastructure

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Rollcall Need help? Let's help you choose...
Selling infrastructure or applications on top of infrastructure to people outside your organization
Providing infrastructure, or applications on top of an infrastructure, within your organization/company
Your own customer
a dev/groups of devs managing your own production/dev/QA server
using an app that needs infrastructure

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Let's help you choose You care about: "Enterprise" functionality, support, clustering, pretty dashboards. Virtualize!

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Let's help you choose You care about: Running many, many different x86 OSes. And a wide array of virtual appliances. Virtualize!

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Let's help you choose You're an Infrastructure provider, and you need to run many, many instances of Linux as efficiently as possible. You understand that fitting more guests on a host is free money. Containerize!

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Let's help you choose You're a startup or indie developer on Linux, and you need to stretch every dollar. However, you want to easily add Staging/Dev environments, regression test on a wide variety of distributions, etc. People keep telling you to "Get a VM for that project." What do you do? Containerize!

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Act II The Trouble with Clouds So, you're a consumer of infrastructure...

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? The market for lemons Much of what you just heard doesn't matter if you are a buyer of Infrastructure services (IaaS, Cloud Computing, etc.) Building any large-scale high performance virtualization infrastructure can be very tricky (variance in technical solutions) Vendors are forced to compete primarily on Price, not Quality. See famous paper "The Market for Lemons" by economist George Akerlof.

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? (interrupting record scratch sound)

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Cloud Providers, we love you, here's some valuable observations Shopping for IaaS services makes no sense, the comparison criteria has nothing to do with the Quality of the Infrastructure
User Interface
API
Pricing and Features
Oh yeah, and user reviews (subjective)
How about you help out the users a little bit?
Build smarter baseline configs based on Memory Size, CPU power purchased, etc.
Install smart Caching mechanisms by default (WP-Super-Cache, memcached, Boost, mod_cache)
Don't fool buyers into thinking that they can get by without a proper sysadmin.
Don't instantly upsell more widgets when the customer's performance goes south.

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Wouldn't it be cool if... There were independent measurements and ratings for IaaS providers:
Compare CPU, Memory, Disk, and network performance
Compare real-world task response times
Compare end-to-end performance of real application stacks
A critical mass of communities talking about cloud stuff with these new criteria in mind :
Wikis
Discussion forums
How-to articles
Encourage vendors to be more transparent and describe their offerings in a more meaningful way.

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Okay, Now take a deep breath

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Further Resources
Wikipedia "Virtualization" article: http://en.wikipedia.org/wiki/Virtualization
VMware whitepaper: Understanding Paravirtualization http://www.vmware.com/files/pdf/VMware_paravirtualization.pdf
Intel whitepaper: Hybrid Virtualization http://www.vmware.com/files/pdf/VMware_paravirtualization.pdf
Troubleshooting hosted Xen story: http://wiki.xen.prgmr.com/xenophilia/2009/06/see-this-is-why-i-dont-assume.html
Popek and Goldberg Virtualization Requirements http://en.wikipedia.org/wiki/Popek_and_Goldberg_virtualization_requirements

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Get in touch Andy (Andrea) Sysadmin in Portland, OR Cries when make fails. twitter/identica: thesethings Blog: http://www.thesethingsmattertome.com/ Irving Popovetsky Independent consultant from Portland, OR Unabashed OSS nerd for nearly 15 years twitter/identica: irvingpop Blog: http://www.cloudest.com/blog/

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Questions??

OSCON Summer 2009 irc / twitter/ identica: irvingpop, thesethings web: cloudest.com/oscon Virtualize or Containerize? Thanks for coming!

http://www.cloudest.com	51
http://www.johnmwillis.com	25
http://www.slideshare.net	6
http://static.slidesharecdn.com	1

Containerize vs Virtualize

by Andy d

Accessibility

Categories

Upload Details

Usage Rights

4 Embeds 83

Statistics