University of Cambridge > Talks.cam > Computer Laboratory Systems Research Group Seminar > My VM is Lighter (and Safer) than your Container

My VM is Lighter (and Safer) than your Container

Add to your list(s) Download to your calendar using vCal

If you have a question about this talk, please contact Liang Wang.

Containers are in great demand because they are lightweight when compared to virtual machines. On the downside, containers offer weaker isolation than VMs, to the point where people run containers in virtual machines to achieve proper isolation. In this talk, we examine whether there is indeed a strict tradeoff between isolation (VMs) and efficiency (containers). We find that VMs can be as nimble as containers, as long as they are small and the toolstack is fast enough. We achieve lightweight VMs by using unikernels for specialized applications and with Tinyx, a tool that enables creating tailor-made, trimmed-down Linux virtual machines. By themselves, lightweight virtual machines are not enough to ensure good performance since the virtualization control plane (the toolstack) becomes the performance bottleneck. We present LightVM, a new virtualization solution based on Xen that is optimized to offer fast boot-times regardless of the number of active VMs. LightVM features a complete redesign of Xen’s control plane, transforming its centralized operation to a distributed one where interactions with the hypervisor are reduced to a minimum. LightVM can boot a VM in 2.3ms, comparable to fork/exec on Linux (1ms), and two orders of magnitude faster than Docker. LightVM can pack thousands of LightVM guests on modest hardware with memory and CPU usage comparable to that of processes.

Bio: I’m a chief researcher in the Systems and Machine Learning Group at NEC Laboratories Europe in Heidelberg, Germany. My main research and work interests lie in the areas of high-performance software systems, and in particular specialization, virtualization, and the application of machine learning techniques to tackle open problems in the systems area. Previously, I received an undergraduate degree with honours from the University of Virginia, a Masters in Data Communications, Networks and Distributed Systems from University College London (top of the class), and a Ph.D. also from UCL . I have published on several top-tier conferences and journals such as SOSP , SIGCOMM, NSDI , CoNEXT, and SIGCOMM CCR and regularly act as TPC member of conferences and journals such as IMC ,INFOCOM, CoNEXT, ANCS and SIGCOMM CCR .

This talk is part of the Computer Laboratory Systems Research Group Seminar series.

Tell a friend about this talk:

This talk is included in these lists:

Note that ex-directory lists are not shown.

 

© 2006-2024 Talks.cam, University of Cambridge. Contact Us | Help and Documentation | Privacy and Publicity