[Beowulf] Docker vs KVM paper by IBM

Mon Jan 26 11:10:42 PST 2015

The most interesting subject around docker is security and the fact that it
provides pretty much null actual "containerisation"

https://www.youtube.com/watch?v=zWGFqMuEHdw

On 26 January 2015 at 18:57, Prentice Bisbal <prentice.bisbal at rutgers.edu>
wrote:

> It's amazing what you can get published. Those results seem pretty obvious
> to me.
>
>
> On 01/21/2015 04:26 PM, Andrew Holway wrote:
>
>> *yawn*
>>
>> On 19 August 2014 at 18:16, Kilian Cavalotti
>> <kilian.cavalotti.work at gmail.com> wrote:
>>
>>> Hi all,
>>>
>>> On Tue, Aug 19, 2014 at 7:10 AM, Douglas Eadline <deadline at eadline.org>
>>> wrote:
>>>
>>>> I ran across this interesting paper by IBM:
>>>>    An Updated Performance Comparison of Virtual Machines and Linux
>>>> Containers
>>>>
>>> It's an interesting paper, but I kind of feel it's comparing apple to
>>> oranges. They're both round and tasty, but it's not really the same
>>> thing.
>>>
>>> There's probably no need to detail this, but KVM is a virtualization
>>> infrastructure that run full stack OSes (using their own kernels) on
>>> top of a Linux kernel turned into an hypervisor. So yes, it carries
>>> the overhead of running a kernel over a kernel, but also the
>>> flexibility of doing so (ie. you can run different kernel/OS versions
>>> on top of each other, use virtual devices and so on).
>>> Docker, on the other hand, is a containerization infrastructure that
>>> run processes on top of an existing, regular kernel. Not to diminish
>>> its merits, which are great in many areas, but it's closer to a kind
>>> of glorified chroot.
>>>
>>> So, it's no surprise that Docker performance would be the same as the
>>> underlying OS's, while KVM overhead is much more important. There's a
>>> full layer of virtualization difference between the two.
>>>
>>> And they also a ran single VM or container per host. It would probably
>>> also be interesting to see what happens when your run multiple VMs or
>>> multiple containers on the same host.
>>>
>>> I guess it's nice somebody took the time to do the test, to ensure
>>> that Docker management or the LXC infrastructure was not impacting the
>>> containers performance too much, but I'm not sure I really understand
>>> the goal of the paper. Worst case, it will probably be misleading for
>>> people who will end up comparing two different tools with very
>>> different purposes and use cases. "What do you mean I can not upgrade
>>> the kernel in my container?"
>>>
>>> Cheers,
>>> --
>>> Kilian
>>> _______________________________________________
>>> Beowulf mailing list, Beowulf at beowulf.org sponsored by Penguin Computing
>>> To change your subscription (digest mode or unsubscribe) visit
>>> http://www.beowulf.org/mailman/listinfo/beowulf
>>>
>> _______________________________________________
>> Beowulf mailing list, Beowulf at beowulf.org sponsored by Penguin Computing
>> To change your subscription (digest mode or unsubscribe) visit
>> http://www.beowulf.org/mailman/listinfo/beowulf
>>
>
>
> --
> Prentice Bisbal
> Manager of Information Technology
> Rutgers Discovery Informatics Institute (RDI2)
> Rutgers University
> http://rdi2.rutgers.edu
>
>
> _______________________________________________
> Beowulf mailing list, Beowulf at beowulf.org sponsored by Penguin Computing
> To change your subscription (digest mode or unsubscribe) visit
> http://www.beowulf.org/mailman/listinfo/beowulf
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.beowulf.org/pipermail/beowulf/attachments/20150126/f7735a12/attachment.html>