Containers in a File
•
0 likes•766 views
Containers are typically managed by having each container chroot to its own subdirectory of the host filesystem. This leads to problems like journal bottlenecks and inefficient small file I/O. The proposed solution is to manage each container's filesystem within a virtual block device represented by a file (container-in-a-file). This avoids journal bottlenecks and allows efficient operations like backup, migration and snapshots through copy-on-write images. It provides flexibility in filesystem choice and management while solving storage and I/O issues. Future work includes optimizing the design and integrating it into the Linux kernel.
More Related Content
What's hot
What's hot (20)
Similar to Containers in a File
Similar to Containers in a File (20)
More from OpenVZ
More from OpenVZ (20)
Recently uploaded
Recently uploaded (20)
Containers in a File
- 2. 2 Agenda •Containers overview •Current way of keeping container files and its problems •Basics of container-in-a-file approach •Limitations of existing facilities •Solution •Benefits •Plans for future
- 3. 3 Virtualization: VM-style vs. containers CT 1 Hardware Hardware Host OSHost OS / Hypervisor OS Virtualization LayerVirtual Machine Monitor Virtual Hardware Virtual Hardware Guest OS Guest OS VM 1 VM 2 CT 2 Containers: •OpenVZ / Parallels Containers •Solaris containers/Zones •FreeBSD jails VMMs: •KVM / Qemu •VMware •Parallels Hypervisor
- 4. 4 Containers Virtualization Each container has its own: •Files •Process tree •Network •Devices •IPC objects
- 5. 5 Containers: file system view Natural approach: each container chroot-s to a per-container sub-tree of some system-wide host file system. CT 1 CT 2 Block device Host file system / 1 2 CTs chroot chroot
- 6. 6 Problems •File system journal is a bottleneck: 1. CT1 performs a lot of operations leading to metadata updates (e.g. truncates). Consequently, the journal is getting full. 2. CT2 issuing a single I/O operation blocks until journal checkpoint is completed. Up to 15 seconds in some tests! Host file system100% full Journal Lots of random writes
- 7. 7 Problems (cont.) •Lots of small-size files I/O on any CT operation (backup, clone) •Sub-tree disk quota support is absent in mainstream kernel •Hard to manage: •No per-container snapshots, live backup is problematic •Live migration – rsync unreliable, changed inode numbers •File system type and its properties are fixed for all containers •Need to limit number of inodes per container
- 8. 8 Container in a file Basic idea: assign virtual block device to container, keep container’ file- system on top of virtual block device. CT 1 Per-container file systems Host file system Per-container virtual block devices virtual block device image-file image-file virtual block device / / CT 2
- 9. 9 LVM limitations •Not flexible enough – works only on top of block device •Hard to manage (e.g. how to migrate huge volume?) •No dynamic allocation (--virtualsize 16T --size 16M) •Management is not as convenient as for files Block device Per-container file systems Per-container logical volumes CT 1 / / CT 2 Logical volume Logical volume
- 10. 10 Ordinary loop device limitations •VFS operations leads to double page-caching •No dynamic allocation (only “plain” format is supported) •No helps to backup/migrate containers •No snapshot functionality Per-container file systems Per-container loop devices CT 1 / / CT 2 /dev/loop1 /dev/loop2 image-file1 image-file2 Host file system
- 11. 11 Design of new loop device (ploop) main ploop module Container file system kernel block layer mount physical medium image file Maps virtual block number to image block number Maps file offset to physical sector I/O module DIO VFS format module plain QCOW ploop block device v-blocks i-blocks expandable NFS
- 12. 12 Stacked image configuration Ploop snapshots are represented by image files. They are stuffed in ploop device in stacked manner and obey the following rules: •Only top image is opened in RW mode (others – RO) •Every mapping bears info about ‘level’ •READ leads to access to an image of proper ‘level’ •WRITE may lead to transferring proper block to top image Snapshot image1 (RW) image (RO) level 1 level 0 top WRITE Copy (if any) complete READ complete READ complete
- 13. 13 Backup via snapshot Operations involved: •Create snapshot •Backup base image •Merge CT image ploop bdev snapshot CT ploop bdev image (RW) (RO) copy image.tmp (RW) merge CT ploop bdev image (RW) image.tmp merge Key features: •On-line •consistent
- 14. 14 Migrate via write-tracker Operations involved: •Turn write-tracker on •Iterative copy •Freeze container •Copy the rest time track on, copy all check tracker, copy modified check tracker, copy the rest image a copy of image < freeze container> Key features: •On-line •I/O efficient
- 15. 15 Problems solved •File system journal is not bottleneck anymore 1. CT1 performs a lot of operations leading to metadata updates (e.g. truncates). Consequently, the journal is getting full. 2. CT2 has its own file system. So, it’s not directly affected by CT1. CT1 file system100% full Journal Lots of random writes CT2 file system
- 16. 16 Problems solved (cont.) •Large-size image files I/O instead of lots of small-size files I/O on management operations •Disk quota can be implemented based on virtual device sizes. No need for sub-tree quotas •Live backup is easy and consistent •Live migration is reliable and efficient •Different containers may use file systems of different types and properties •No need to limit “number-of-inodes-per-container”
- 17. 17 Additional benefits •Efficient container creation •Snapshot/merge feature •Can support QCOW2 and other image formats •Can support arbitrary storage types •Can help KVM to keep all disk I/O in-kernel
- 18. 18 Plans •Implement I/O module on top of vfs ops •Add support of QCOW2 image format •Optimizations: •discard/TRIM events support •online images defragmentation •support sparse files •Integration into mainline kernel
- 19. 19 Questions