LibCT
One Lib to Rule Them All
Alexander Burluka
Odin, Software Engineer
Yandex Container's developer meetup, 2015

Agenda
• History
• Namespaces and CGroups
• LibCT
• And Libcontainer
• Current state and future plans

History of Linux Containers
• 2002 Virtuozzo
• 2005 OpenVZ
• Linux-VServer
• 2006 Namespaces and Cgroups
• 2008 LXC (Linux Containers)
• 2010 Application Containers ...

History of Application Containers
• Systemd-nspawn
– Spawn a namespace container for debugging, testing and building
• Docker
– LXC
– Libcontainer
• Rocket
– systemd-nspawn

Namespaces
• Mount (2.4.19, 2002)
– Mount points
• Network
– Network devices, stacks, ports, etc.
• PID
– Processes
• IPC
– System V IPC, POSIX message queues
• UTS
– Hostname and NIS domain name
• User (3.8, 2013)
– Security-related identifiers and attributes

Other features of namespaces
• User namespaces allow unprivileged users to use namespaces
• Namespaces can be created once and used many times
• Fast entry into existing namespaces
• Ability to isolate tasks within the context of one user

Usage scenarios
• Mount namespace
– to construct a new root which contains only accessible paths (security)
– multitenancy
• Network namespace
– to grant full access to network devices (Network Function Virtualization, Virtual Private Networks, etc.)
– to build complex network topologies
– to use iptables, traffic shaping, etc.
• PID namespaces
– to isolate independent groups of processes (security)

Control Groups
• cpu, cpuset, cpuacct
• memory, hugetlb
• blkio
• devices
• net_cls, net_prio
• freezer
• perf_event

The LibCT library
• Runs containerized applications
– configures namespaces and cgroups
– unprivileged containers
• Written in C, with bindings for other languages
• Cross-platform

Reasons for creating LibCT
• Complexity of the low-level API
• Support for all kinds of containers
– Linux Containers
– OpenVZ
– Solaris Zones
– BSD jails
• Hide low-level API changes

Libcontainer and LibCT
• In Go / In C
• Both support back-ends
• Only Go / bindings for other languages
• Easy to develop / works faster
• No fork() / …
Libcontainer → runc

Example
s = libct_session_open_local();
/* configure container */
ct = libct_container_create(s, "test");
/* new PID, user and mount namespaces */
libct_container_set_nsmask(ct,
        CLONE_NEWPID | CLONE_NEWUSER | CLONE_NEWNS);
/* map uid/gid 0 inside the container to the calling user's uid/gid */
libct_userns_add_uid_map(ct, 0, getuid(), 1);
libct_userns_add_gid_map(ct, 0, getgid(), 1);
libct_fs_add_mount(ct, "tmpfs", "/tmp", 0, "tmpfs", NULL);
/* configure process descriptor */
p = libct_process_desc_create(s);
libct_process_desc_set_caps(p, 0, CAPS_ALL);
/* execute the process */
pr = libct_container_spawn_cb(ct, p, set_ct_alive, ct_alive);
libct_process_wait(pr, &status);
libct_container_destroy(ct);
libct_session_close(s);
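
Added example, not from the slides and not libct code: the uid/gid maps configured above appear to the kernel as "inside outside count" lines in /proc/<pid>/uid_map and gid_map, and the C code below parses such text, translates IDs to the parent namespace and flags two conditions worth checking on a container: ID 0 unmapped, and an inside ID that is ID 0 in the parent. All type and function names here are hypothetical, the sample map is constructed, and the (inside, outside, count) reading of the libct call's arguments is an assumption based on the kernel's map format.

```c
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define ID_MAX      0xFFFFFFFFULL  /* uid_t and gid_t are 32-bit on Linux */
#define MAX_EXTENTS 16             /* capacity chosen for this example */
#define AUDIT_ROOT_UNMAPPED      1 /* ID 0 inside the namespace has no mapping */
#define AUDIT_PARENT_ROOT_MAPPED 2 /* some inside ID is ID 0 in the parent */

struct id_extent {
    unsigned long long inside;   /* first ID as seen inside the namespace */
    unsigned long long outside;  /* first ID as seen in the parent namespace */
    unsigned long long count;    /* number of consecutive IDs in the range */
};

struct id_map {
    struct id_extent ext[MAX_EXTENTS];
    int n;
};

/* Read one unsigned decimal field; rejects signs, overflow and values > ID_MAX. */
static int parse_field(const char **p, unsigned long long *out)
{
    char *end;
    while (**p == ' ' || **p == '\t')
        (*p)++;
    if (!isdigit((unsigned char)**p))
        return -1;
    errno = 0;
    *out = strtoull(*p, &end, 10);
    if (errno != 0 || *out > ID_MAX)
        return -1;
    *p = end;
    return 0;
}

/* Parse text in /proc/<pid>/uid_map format ("inside outside count" per line).
 * Returns the number of extents, or -1 on malformed input. */
int parse_id_map(const char *text, struct id_map *map)
{
    map->n = 0;
    for (;;) {
        struct id_extent *e;
        text += strspn(text, " \t\r\n");
        if (*text == '\0')
            return map->n;
        if (map->n == MAX_EXTENTS)
            return -1;
        e = &map->ext[map->n];
        if (parse_field(&text, &e->inside) || parse_field(&text, &e->outside) ||
            parse_field(&text, &e->count))
            return -1;
        if (e->count == 0 || e->inside + e->count - 1 > ID_MAX ||
            e->outside + e->count - 1 > ID_MAX)
            return -1;
        map->n++;
    }
}

/* Translate an inside ID to the parent namespace. Returns 0, or -1 if unmapped. */
int map_to_parent(const struct id_map *map, unsigned long long id,
                  unsigned long long *out)
{
    for (int i = 0; i < map->n; i++) {
        const struct id_extent *e = &map->ext[i];
        if (id >= e->inside && id - e->inside < e->count) {
            *out = e->outside + (id - e->inside);
            return 0;
        }
    }
    return -1;
}

/* Return AUDIT_* flags for a parsed map; 0 means neither finding applies. */
int audit_id_map(const struct id_map *map)
{
    unsigned long long parent;
    int flags = 0;
    if (map_to_parent(map, 0, &parent) != 0)
        flags |= AUDIT_ROOT_UNMAPPED;
    for (int i = 0; i < map->n; i++)
        if (map->ext[i].outside == 0)  /* IDs are unsigned: range covers parent ID 0 */
            flags |= AUDIT_PARENT_ROOT_MAPPED;
    return flags;
}

int main(void)
{
    /* Constructed sample: container uid 0 mapped to parent uid 1000, one ID. */
    struct id_map m;
    if (parse_id_map("0 1000 1\n", &m) != 1)
        return 1;
    printf("flags=%d\n", audit_id_map(&m));
    return 0;
}
```

The "outside" column is relative to the parent user namespace, so it equals a host ID only when the container's namespace was created directly from the initial one.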

Future plans
• Integration with applications
• Notifications
• Task-less containers
• Checkpoint/Restore (CRIU)
Thank You!
Alexander Burluka <aburluka@odin.com>
https://github.com/xemul/libct
Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus
 
BoxLang: Review our Visionary Licenses of 2024
BoxLang: Review our Visionary Licenses of 2024BoxLang: Review our Visionary Licenses of 2024
BoxLang: Review our Visionary Licenses of 2024
Ortus Solutions, Corp
 
APIs for Browser Automation (MoT Meetup 2024)
APIs for Browser Automation (MoT Meetup 2024)APIs for Browser Automation (MoT Meetup 2024)
APIs for Browser Automation (MoT Meetup 2024)
Boni García
 
Text-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptx
Text-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptxText-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptx
Text-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptx
ShamsuddeenMuhammadA
 
GOING AOT WITH GRAALVM FOR SPRING BOOT (SPRING IO)
GOING AOT WITH GRAALVM FOR  SPRING BOOT (SPRING IO)GOING AOT WITH GRAALVM FOR  SPRING BOOT (SPRING IO)
GOING AOT WITH GRAALVM FOR SPRING BOOT (SPRING IO)
Alina Yurenko
 
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
Mind IT Systems
 
Enhancing Research Orchestration Capabilities at ORNL.pdf
Enhancing Research Orchestration Capabilities at ORNL.pdfEnhancing Research Orchestration Capabilities at ORNL.pdf
Enhancing Research Orchestration Capabilities at ORNL.pdf
Globus
 

Recently uploaded (20)

Pro Unity Game Development with C-sharp Book
Pro Unity Game Development with C-sharp BookPro Unity Game Development with C-sharp Book
Pro Unity Game Development with C-sharp Book
 
Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604
 
openEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain SecurityopenEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain Security
 
A Sighting of filterA in Typelevel Rite of Passage
A Sighting of filterA in Typelevel Rite of PassageA Sighting of filterA in Typelevel Rite of Passage
A Sighting of filterA in Typelevel Rite of Passage
 
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
 
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
 
Enterprise Resource Planning System in Telangana
Enterprise Resource Planning System in TelanganaEnterprise Resource Planning System in Telangana
Enterprise Resource Planning System in Telangana
 
Webinar: Salesforce Document Management 2.0 - Smarter, Faster, Better
Webinar: Salesforce Document Management 2.0 - Smarter, Faster, BetterWebinar: Salesforce Document Management 2.0 - Smarter, Faster, Better
Webinar: Salesforce Document Management 2.0 - Smarter, Faster, Better
 
Atelier - Innover avec l’IA Générative et les graphes de connaissances
Atelier - Innover avec l’IA Générative et les graphes de connaissancesAtelier - Innover avec l’IA Générative et les graphes de connaissances
Atelier - Innover avec l’IA Générative et les graphes de connaissances
 
GraphSummit Paris - The art of the possible with Graph Technology
GraphSummit Paris - The art of the possible with Graph TechnologyGraphSummit Paris - The art of the possible with Graph Technology
GraphSummit Paris - The art of the possible with Graph Technology
 
Lecture 1 Introduction to games development
Lecture 1 Introduction to games developmentLecture 1 Introduction to games development
Lecture 1 Introduction to games development
 
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisProviding Globus Services to Users of JASMIN for Environmental Data Analysis
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
 
Quarkus Hidden and Forbidden Extensions
Quarkus Hidden and Forbidden ExtensionsQuarkus Hidden and Forbidden Extensions
Quarkus Hidden and Forbidden Extensions
 
Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024
 
BoxLang: Review our Visionary Licenses of 2024
BoxLang: Review our Visionary Licenses of 2024BoxLang: Review our Visionary Licenses of 2024
BoxLang: Review our Visionary Licenses of 2024
 
APIs for Browser Automation (MoT Meetup 2024)
APIs for Browser Automation (MoT Meetup 2024)APIs for Browser Automation (MoT Meetup 2024)
APIs for Browser Automation (MoT Meetup 2024)
 
Text-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptx
Text-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptxText-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptx
Text-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptx
 
GOING AOT WITH GRAALVM FOR SPRING BOOT (SPRING IO)
GOING AOT WITH GRAALVM FOR  SPRING BOOT (SPRING IO)GOING AOT WITH GRAALVM FOR  SPRING BOOT (SPRING IO)
GOING AOT WITH GRAALVM FOR SPRING BOOT (SPRING IO)
 
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
 
Enhancing Research Orchestration Capabilities at ORNL.pdf
Enhancing Research Orchestration Capabilities at ORNL.pdfEnhancing Research Orchestration Capabilities at ORNL.pdf
Enhancing Research Orchestration Capabilities at ORNL.pdf
 

LibCT and application-level containers -- Alexander Burluka

  • 1. LibCT: One Lib to Rule Them All. Alexander Burluka, Odin, Software Engineer. Yandex Container's developer meetup, 2015
  • 2. Agenda
      ● History
      ● Namespaces and CGroups
      ● LibCT
      ● And Libcontainer
      ● Current state and future plans
  • 3. History of Linux Containers
      ● 2002 Virtuozzo
      ● 2005 OpenVZ
      ● Linux-VServer
      ● 2006 Namespaces and Cgroups
      ● 2008 LXC (Linux Containers)
      ● 2010 Application Containers ...
  • 4. History of Application Containers
      ● Systemd-nspawn
        – Spawn a namespace container for debugging, testing and building
      ● Docker
        – LXC
        – Libcontainer
      ● Rocket
        – systemd-nspawn
  • 5. Namespaces
      ● Mount (2.4.19, 2002)
        – Mount points
      ● Network
        – Network devices, stacks, ports, etc.
      ● PID
        – Processes
      ● IPC
        – System V IPC, POSIX message queues
      ● UTS
        – Hostname and NIS domain name
      ● User (3.8 - 2013)
        – Security-related identifiers and attributes
  • 6. Other features of namespaces
      ● User namespaces allow unprivileged users to use namespaces
      ● Namespaces can be created once and used many times
      ● Fast entering into existing namespaces
      ● Ability to isolate tasks in the context of one user
  • 7. Usage scenarios
      ● Mount namespace
        – to construct a new root which contains only accessible paths (security)
        – multitenancy
      ● Network namespace
        – to grant full access to network devices (Network Function Virtualization, Virtual Private Networks, etc.)
        – to build complex network topologies
        – to use iptables, traffic shaping, etc.
      ● PID namespaces
        – to isolate an independent group of processes (security)
  • 8. Control Groups
      ● Cpu, cpuset, cpuacct
      ● Memory, hugetlb
      ● Blkio
      ● Devices
      ● net_cls, net_prio
      ● Freezer
      ● perf_event
  • 9. The LibCT library
      ● Runs containerized applications
        – configures namespaces and cgroups
        – unprivileged containers
      ● Written in C, with bindings for other languages
      ● Cross-platform
  • 10. Reasons for creating LibCT
      ● Complexity of the low-level API
      ● Support for all kinds of containers
        – Linux Containers
        – OpenVZ
        – Solaris Zones
        – BSD jails
      ● Hide low-level API changes
  • 11. Libcontainer and LibCT (each item reads Libcontainer / LibCT)
      ● In Go / In C
      ● Both support back-ends
      ● Only Go / binding for other languages
      ● Easy for developing / works faster
      ● No fork() / …
      Libcontainer → runc
  • 12. Example
        s = libct_session_open_local();

        /* configure container */
        ct = libct_container_create(s, "test");
        libct_container_set_nsmask(ct, CLONE_NEWPID | CLONE_NEWUSER | CLONE_NEWNS);
        /* map uid/gid 0 inside the container to the caller's own ids */
        libct_userns_add_uid_map(ct, 0, getuid(), 1);
        libct_userns_add_gid_map(ct, 0, getgid(), 1);
        libct_fs_add_mount(ct, "tmpfs", "/tmp", 0, "tmpfs", NULL);

        /* configure process descriptor */
        p = libct_process_desc_create(s);
        libct_process_desc_set_caps(p, 0, CAPS_ALL);

        /* execute the process, wait for it, then clean up */
        pr = libct_container_spawn_cb(ct, p, set_ct_alive, ct_alive);
        libct_process_wait(pr, &status);
        libct_container_destroy(ct);
        libct_session_close(s);
  • 13. Future plans
      ● Integration with applications
      ● Notifications
      ● Task-less containers
      ● Checkpoint/Restore (CRIU)
  • 14. Thank You! Alexander Burluka <aburluka@odin.com> https://github.com/xemul/libct
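
Slide 10 names "complexity of low-level API" as a reason for LibCT. The sketch below is an added illustration, not code from the slides or from libct: it performs the raw kernel steps behind the uid/gid mapping in slide 12's example, for the user namespace only. `format_id_map` and `map_self_to_root_in_userns` are hypothetical names, and the exit codes 200 to 204 are a convention of this example.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <linux/sched.h>   /* CLONE_NEWUSER */
#include <stdio.h>
#include <string.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

/* One uid_map/gid_map line: "<id inside> <id outside> <count>\n". */
int format_id_map(char *buf, size_t len, unsigned in, unsigned out, unsigned n)
{
    int w = snprintf(buf, len, "%u %u %u\n", in, out, n);
    return (w < 0 || (size_t)w >= len) ? -1 : w;
}

static int write_file(const char *path, const char *data)
{
    int fd = open(path, O_WRONLY);
    if (fd < 0) return -1;
    ssize_t w = write(fd, data, strlen(data));
    close(fd);
    return w == (ssize_t)strlen(data) ? 0 : -1;
}

/* Hypothetical helper: returns 0 if a child became uid 0/gid 0 inside a new
 * user namespace, 200..204 for the step the kernel or sandbox refused,
 * -1 if fork/waitpid failed. The parent process is left untouched. */
int map_self_to_root_in_userns(void)
{
    uid_t uid = getuid();   /* ids as seen in the parent namespace */
    gid_t gid = getgid();
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        char map[64];
        /* raw unshare(2); user namespaces may be disabled or filtered */
        if (syscall(SYS_unshare, CLONE_NEWUSER) < 0) _exit(200);
        /* unprivileged gid_map writes require setgroups to be denied first */
        if (write_file("/proc/self/setgroups", "deny") < 0) _exit(201);
        format_id_map(map, sizeof map, 0, uid, 1);
        if (write_file("/proc/self/uid_map", map) < 0) _exit(202);
        format_id_map(map, sizeof map, 0, gid, 1);
        if (write_file("/proc/self/gid_map", map) < 0) _exit(203);
        _exit(getuid() == 0 && getgid() == 0 ? 0 : 204);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status);
}
```

The uid 0 seen in the child maps to the caller's own unprivileged id outside the namespace, so the mapping grants no rights on the host beyond those the caller already had.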