Virtualization. Fritz Solms. August 22, 2016


Virtualization
3 main options:
- Hardware virtualization: e.g. hypervisors
- Operating system virtualization: software containers (e.g. docker)
- Emulation

Overview of hypervisors
What are hypervisors
- Base OS runs hypervisor
- creates hardware virtualization for guest OSs to run in

Overview: Software Containers
Also known as operating system virtualization, jails or sandboxes.
Definition: In operating system virtualization, or software containers, the kernel of an operating system allows the existence of multiple isolated user-space instances, with each software container containing all local dependencies of an application and being fully isolated from other software containers.

Condensed History of Software Containers
- 1979: chroot: change root dir of process
- 2000: FreeBSD Jails: additional sandbox features like file system isolation, ...
- 2008: LXC: complete Linux container manager
- 2013: Docker

Uses of OS virtualization / software containers
- Virtual hosting
- Building and testing a user space environment, e.g. chroot
- Hosting multiple isolated applications on same operating system
- Application testing
- Continuous integration servers
- Test server deployment
- Assignment assessment
- Container based application deployment

Requirements for Software Containers
- Resource isolation: network, processes, memory, file system, ...
- Root privilege isolation: root privilege isolated to container; host has separate root
- Resource quota management: CPU, memory, disk, I/O, network
- Secure container management: creating, starting, stopping, removing, ...
- Container image management: image construction tools, image versioning, image distribution via image repositories
- Deployable applications (with their dependencies)

Pros and cons of software containers
Pros:
- More lightweight than hypervisors (shared OS)
- Better separation of responsibilities
  - Base OS configured for machine hardware, environment & purpose
  - Container image configured for application stack (app + dependencies)
- Improved portability
- Faster container start/stop/deploy
- More efficient resource usage
- Better performance and security than emulation
Cons:
- Security more tricky to manage

Docker architecture
- Manages containers via libcontainer
- libcontainer wraps cgroups and namespaces
  - Namespaces for isolation
  - cgroups for resource limiting: can limit resources for groups (disk, memory, CPU, ...)

Docker Server
- Needs to run on host
- Installed via package manager of host
- Start docker daemon, typically as a service: sudo systemctl start docker
Functionality:
- pull container images from DockerHub
- start/stop/rm software containers
- get shell for user space of software container (can re-attach to container shell)
- inspect container logs, processes
- inspect resource consumption of images

Building docker images
- Can pull existing image, modify and commit. Not recommended: no traceability or repeatability.
- Create image directory with Dockerfile with instructions to:
  - run a sequence of RUN commands, e.g. to install software onto image, create DBs, ... (can use emerge, pacman, apt-get, ...)
  - copy files onto the image
  - set up environment variables
  - expose network ports
  - specify CMDs to be executed on image start
- Built image pushed onto DockerHub

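Example Dockerfile

    # Base image
    FROM gentoo:latest
    MAINTAINER Fritz Solms <fritz@solms.co.za>

    # Install Apache and remove downloaded sources to keep the layer small.
    # The Gentoo package is www-servers/apache; it installs /usr/sbin/apache2.
    RUN emerge --sync && emerge www-servers/apache && rm -rf /usr/portage/distfiles/*

    # Environment variables available to the process in the container
    ENV APACHE_RUN_USER www-data
    ENV APACHE_RUN_GROUP www-data
    ENV APACHE_LOG_DIR /var/log/apache2

    # Port the container listens on
    EXPOSE 80

    # Run Apache in the foreground so the container stays up
    CMD ["/usr/sbin/apache2", "-D", "FOREGROUND"]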
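The slides ask for traceable, repeatable image builds and root privilege isolation, yet a Dockerfile can undercut both with a mutable base tag and no USER instruction. The check below is an added example, not part of the original slides; both sample Dockerfiles are constructed, and the digest, port and `apache` user in the second one are placeholders.

```python
import re

# Constructed inputs: the slide's Dockerfile (abbreviated) and a tightened variant.
# The digest, port and user in TIGHTENED are placeholders, not values from the slides.
SLIDE = """FROM gentoo:latest
EXPOSE 80
CMD ["/usr/sbin/apache2", "-D", "FOREGROUND"]
"""
TIGHTENED = """FROM gentoo@sha256:PLACEHOLDER_DIGEST
EXPOSE 8080
USER apache
CMD ["/usr/sbin/apache2", "-D", "FOREGROUND"]
"""

def lint_dockerfile(text):
    """Flag base images that are not repeatable and a final stage left as root."""
    findings, stages, user = [], set(), None
    text = re.sub(r"\\\r?\n", " ", text)  # join backslash line continuations
    for raw in text.splitlines():
        parts = raw.split()
        if not parts or parts[0].startswith("#"):
            continue
        instr, args = parts[0].upper(), parts[1:]
        if instr == "FROM":
            user = None  # USER does not carry over from an earlier build stage
            refs = [a for a in args if not a.startswith("--")]  # skip --platform=...
            image = refs[0] if refs else ""
            pinned = "@sha256:" in image or image == "scratch" or image in stages
            # Tag is whatever follows ':' in the last path segment (ignores registry ports).
            tag = image.rsplit("/", 1)[-1].partition(":")[2]
            if image and not pinned and tag in ("", "latest"):
                findings.append(f"{image}: mutable tag, build is not repeatable")
            if len(refs) == 3 and refs[1].upper() == "AS":
                stages.add(refs[2])  # later FROM lines may refer to this stage
        elif instr == "USER" and args:
            user = args[0]
    if user is None or user.split(":")[0] in ("root", "0"):
        findings.append("final stage has no non-root USER")
    return findings

if __name__ == "__main__":
    print(lint_dockerfile(SLIDE))
    print(lint_dockerfile(TIGHTENED))
```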

Docker Hub
Cloud-based registry service & image repository
Functionality:
- Community, official, and private image libraries
- Find, push & pull images
- Automatic image build & publication triggered by commits to version control system
- Workflow triggers: image publication triggering other actions via WebHooks, e.g. automatic testing or pulls onto servers running app