Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

OS Virtualization: The Twelve Minute Crash Course

3,930 views

Published on

Presentation given (quickly!) at #launchscale on October 24, 2014

Published in: Technology
  • Be the first to comment

OS Virtualization: The Twelve Minute Crash Course

  1. 1. OS Virtualization: The Twelve Minute Crash Course Bryan Cantrill CTO bryan@joyent.com @bcantrill
  2. 2. Virtualization as cloud catalyst • In the 1960s — shortly after the dawn of computing! — pundits foresaw a compute utility that would be public and multi-tenant • The vision was four decades too early: it took the internet + commodity computing + virtualization to yield cloud computing • Virtualization is the essential ingredient for multi-tenant operation — but where in the stack to virtualize? • Choices around virtualization capture tensions between elasticity, tenancy, and performance • tl;dr: Virtualization choices drive economic tradeoffs
  3. 3. Hardware-level virtualization? • The historical answer to virtualization — since the 1960s — has been to virtualize the hardware: • A virtual machine is presented upon which each tenant runs an operating system that they choose (and must manage) • There are as many operating systems on a machine as tenants! • Can run entire legacy stacks unmodified... • ...but operating systems are heavy and don’t play well with others with respect to resources like DRAM, CPU, I/O devices, etc. • Limits elasticity, tenancy and performance!
  4. 4. Platform-level virtualization? • Virtualizing at the application platform layer addresses the tenancy challenges of hardware virtualization, and presents a much more nimble (& developer friendly!) abstraction... • ...but at the cost of dictating abstraction to the developer • This is the “Google App Engine” problem: developers are in a straightjacket where toy programs are easy — but sophisticated applications are impossible • Virtualizing at the application platform layer poses many other challenges with respect to security, containment, etc.
  5. 5. OS-level virtualization! • Virtualizing at the operating system hits a sweet spot: • A single operating system (i.e. a single kernel) allows for efficient use of hardware resources, maximizing tenancy and performance • Disjoint instances are securely compartmentalized by the operating system • Gives tenants what appears to be a virtual machine (albeit a very fast one) on which to run higher-level software: PaaS ease with IaaS generality • Also: boots like a bandit! • Model was pioneered by FreeBSD jails and taken to their logical extreme by Solaris zones — and then aped by Linux containers
  6. 6. OS-level virtualization in the cloud • Joyent runs OS containers in the cloud via SmartOS — and we have run containers in multi-tenant production since ~2006 • SmartOS also support hardware-level virtualization, but we have long advocated OS containers for new build-out • We emphasized their operational characteristics — performance, elasticity, tenancy — and for many years, we were a lone voice...
  7. 7. Containers as PaaS foundation? • Some saw the power of OS containers to facilitate up-stack platform-as-a-service abstractions • For example, dotCloud — a platform-as-a-service provider — built their PaaS on OS containers • Struggling as a PaaS, dotCloud pivoted — and open sourced their container-based orchestration layer...
  8. 8. Docker revolution • Docker has used the rapid provisioning + shared underlying filesystem of containers to allow developers to think operationally • Developers can encode deployment procedures via an image • Images can be reliably and reproducibly deployed as a container • This is a huge win for developer productivity... • Docker will do to apt what apt did to tar
  9. 9. Broader OS container revolution • The Docker model has pointed to the future of containers • Docker’s challenges today are largely operational: network virtualization, persistence, security, etc. • Security concerns are real enough that for multi-tenancy, OS containers are running in hardware virtual machines (!!) • The future will consist of Docker’s abstractions mated with secure, high-performance OS-level virtualization • The best of all worlds: the developer ease of Docker coupled with the many operational advantages of OS containers!

×