SlideShare una empresa de Scribd logo

遅延レイヤ取得による高互換コンテナ起動高速化手法

Descargar como PPTX, PDF
Shinagawa Laboratory, The University of Tokyo
Shinagawa Laboratory, The University of Tokyo

遅延レイヤ取得による高互換コンテナ起動高速化手法. 五反田 正太郎, 品川 高廣. 第151回システムソフトウェアとオペレーティング・システム研究会,オンライン,2021年3月. http://id.nii.ac.jp/1001/00209632/

Software
1 de 42
遅延レイヤ取得による 高互換コンテナ起動高速化手法 2021年3月2日 情報処理学会 第151回システムソフトウェアとオペレーティング・システム研究発表会 東京大学 品川研究室 五反田 正太郎, 品川 高廣
Container is a mechanism to easily build, deploy and run applications everywhere. build share & deploy run scripts library binary config push pull Container Runtime (e.g. docker, podman) Container Image Container Image Platform (e.g. Cloud, Laptop, IoT) 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 1/40
Container Image Pull is Slow Image pull occupy most part of container boot (c.f docker run) time. ※ Pull Image: download & unfreeze Image 0.0s 5.0s 10.0s 15.0s 20.0s 1 2 boot latency of major containers Series1 Series2 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 2/40
Research Goal 1: Reducing Boot Latency Our research goal is to reduce containers’ boot latency. 0.0s 5.0s 10.0s 15.0s 20.0s 1 2 boot latency of major containers Series1 Series2 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 3/40
Compatibility to Ecosystem is also Important  Many container images are already built based on image’s spec.  Currently over 4.5 million images are stored in DockerHub.  Many tools supporting containers are also based on specification. 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary Container’s Ecosystem consists of many tools & images 4/40
Existing Methods have Problems in Compatibility Minimize Image • Building Apps on Small Base Image (e.g. Alpine Linux) ×incompatible in terms of packages & libraries • Removing Files Manually/Automatically ×degrading functionality Lazy Image Pull • NFS・P2P based Lazy Image Pull / Parallel Image Pull ×only applicable in clusters • Lazy Image Pull with Original Format Image ×hard to coexists with existing software & ecosystem • Lazy Layer Pull with Library Call Hook ×only apps using libc (shared library) are supported 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 5/40
Research Goal 1. Reducing container’s boot time 2. Achieving high compatibility 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 6/40
Base Idea for Our Proposal 1. Reducing container’s boot time ↑ Lazy Image Fetching 2. Achieving high applicability ↑ Conforming to container’s de facto standard (layer & overlay filesystem) 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 7/40
Background 1: Lazy Image Fetching Only about 6.4% of data is need for container execution [1]. [1] Slacker: Fast Distribution with Lazy Docker Containers. FAST’16 Container process container image Container process container image unused data can be fetched lazily at run time only necessary data for boot should be fetched in advance normal lazy fetching all data is pulled in advance 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 8/40
Background 2: Layers & Overlay Filesystem • A container image consists of stacked multiple layers • Each layer is a directory and distributed as a tar.gz file • Overlay filesystem manage layers and redirect accesses to each layer Container Image layer file access overlay filesystem 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 9/40
overlay filesystem 1. Create boot layer on top of original image • consisting of necessary data for boot 2. Pull other layers lazily • Only boot layer is pulled on boot • Our overlay filesystem manages lazy pull Container Image layer file access pull layers lazily Concepts: Overlay Filesystem for Lazy Layer Pull 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 10/40
There are some Design Choices & Problems How to know which file is needed for boot layer  Static analysis vs Dynamic analysis Unexpected Layer Pull 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 11/40
There are some Design Choices & Problems How to know which file is needed for boot layer  Static analysis vs Dynamic analysis Unexpected Layer Pull 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 12/40
 Static Image Analysis  analyze executable  consider domain knowledge × less general  Dynamic Analysis  run target container  trace file access dynamically ↑ our approach Design Choice 1: How to know which file is needed? overlay filesystem pull layers lazily 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 13/40
There are some Design Choices & Problems How to know which file is needed for boot layer  Static analysis vs Dynamic analysis Unexpected Layer Pull 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 14/40
Some file access needs additional information & pull all layers 1. Access to non-existing path • e.g. ) exec command new file creation, etc… 2. Reading directory entries • requires children files overlay filesystem pull layers lazily copying accessed files is not enough! Problem: Unexpected Layer Pull 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 15/40
Case Study : Access to non-existing path overlay filesystem Need to pull all layers to know the absence of /sbin/bash ※ Creating new files causes the same problem Situation: exec bash with PATH=/sbin:/bin:… ①/sbin/bash ②/bin/bash 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 16/40
Case Study: Reading Directory Entry overlay filesystem Just copying the directory doesn’t work. /dir /dir/fileA /dir/fileB Need to pull all layers to know each file 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 17/40
Case Study: Reading Directory Entry overlay filesystem /dir /dir/fileA Copying the directory and its children doesn’t work, either. Need to pull all layers to know the absence of other files. 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary /dir/fileB 18/40
Solution1: Whiteout files and opaque directories Utilize existing functionalities defined in specification, keeping compatibility 1. Access to non-existing path • Place whiteout files to notify the absence of the file 2. Reading directory entries • Copy all children into the boot layer • Set the directory as opaque to stop reading lower layers 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 19/40
Case Study: Access to non-existing path Situation: exec bash with PATH=/sbin:/bin:… overlay filesystem Place the whiteout file to notify the absence of the file. ※ Whiteout files are originally for removing files ①/sbin/bash ②/bin/bash whiteout file for /sbin/bash (empty file at /sbin/.wh.bash) pull layers lazily pull of lower layers can be postponed 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 20/40
Case Study: Reading Directory Entry overlay filesystem pull layers lazily Specify the directory as opaque to stop searching lower layers ※ Opaque Directories are originally for removing/creating directories stop searching pull of lower layers can be postponed 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 21/40
Whiteout files & opaque directories are not enough for the following cases. • Case 1: creating files at random path • e.g.) python, golang, texlive • Case 2: interactive filesystem movement • e.g. ) cd, ls, find commands @ubuntu • e.g. ) creating new notebook @jupyter Problem(cont’d): Unpredictable File Access 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 22/40
/sbin /etc /var /bin / /bash /ls /sbin /bin / /.wh..wh.llpfs /bash /sbin /etc /bin /ls /echo /echo /etc Original Image Boot Layer meta data tree copy only metadata of non-accessed files copy contents and metadata of accessed files 1. non-existing path can be decided. 2. The results of readdir operation can be generated. 3. Interactive application can work due to this extension (e.g. bash, jupyter) Situation: Executing bash with PATH=/sbin:/bin:… bash we can know the absence of /sbin/bash These files cannot be seen when mounted /var Solution2: Including All Metadata into Boot Layer 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 23/40
Methods for Avoiding Unexpected Layer Pull We implemented two layer generation methods to solve this problem. 1. Using whiteout files & opaque directories • exploits existing functionalities defined in the image specification. 2. Including all metadata • create metadata dedicated file tree under specific path 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 24/40
boot layer generation runtime Container Image layer file access component implementation Proposed System Architecture 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary Container process blgen (boot layer generator) registry overlay filesystem for access trace filesystem log push boot layer common layers Container process lazy layer pull manager container Runtime (podman) registry llpfs communicate via unix domain socket pull layers lazily start start start 25/40
container runtime 1. start container runtime Lazy Layer Pull Procedure 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 26/40
container runtime 1. start container runtime 2. initialize for new container llpfs start start lazy layer pull manager communicate via UNIX domain socket Lazy Layer Pull Procedure 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 27/40
container runtime 1. start container runtime 2. initialize for new container 3. start new container llpfs lazy layer pull manager Container process start Lazy Layer Pull Procedure 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 28/40
container runtime lazy layer pull manager Container process llpfs Request layer 1. start container runtime 2. initialize for new container 3. start new container 4. request the layer for file access Lazy Layer Pull Procedure 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 29/40
container runtime lazy layer pull manager Container process llpfs pull layers lazily registry 1. start container runtime 2. initialize for new container 3. start new container 4. request the layer for file access 5. pull layer lazily Lazy Layer Pull Procedure 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 30/40
container runtime 1. start container runtime 2. initialize for new container 3. start new container 4. request the layer for file access 5. pull layer lazily 6. notify layer pull completion 7. repeat 4〜6 from top to bottom till the file found lazy layer pull manager Container process llpfs registry notify layer pull completion Lazy Layer Pull Procedure 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 31/40
container runtime lazy layer pull manager Container process llpfs registry pull layers lazily Asynchronous Lazy Layer Pull Start layer pull without request when async option is enabled 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 32/40
Evaluation  Application Boot Time Evaluation  Performance Evaluation Environment Machine1(Application Boot Time) Machine2(Performance) CPU Intel Core i7-9700 Intel Xeon E5-2603 v4 CPU Clock 3.00GHz 1.70GHz #Core (Physical/Logical) 8/8 6/6 RAM 32GB 16GB Disk Samsung SSD 970 EVO Plus 500GB Samsung SSD 950 EVO Plus 256GB OS Ubuntu 18.04 (Linux Kernel 5.3.0) Ubuntu 20.04 (Linux Kernel 5.4.0) 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 33/40
app container image registry Application Boot Time Evaluation Settings  Examine boot time of various popular applications  5 times per setting Applications • ubuntu(bash) • nginx • redis • buildpack • ※Spring Boot application built with buildpack • golang • python • texlive/texlive • jupyter/datascence-notebook Machine 1 8core / 32GB RAM VM 4core/8GB RAM VM 2core/8GB RAM connected with virtual network with 5Mbps, 10Mbps, 50Mbps, 100Mbps, 500Mbps, 1000Mbps, no limit bandwidth. 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 34/40
Application Boot Case Study: jupyter notebook • Definition of Boot Time: The time up to first valid http response • Application(image) source • most popular official container • jupyter/datascience-notbook • obtained from DockerHub • Boot time is improved at any bandwidth 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 35/40
Layer Generation Methods Comparison Boot Time is a bit faster without metadata files when possible 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 36/40
Application Boot Time Evaluation Summary The boot times are improved with all settings maximum improvement ratio is 39x average improvement 1Gbps: 4.9X 100Mbps: 10X 10Mbps: 15X 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 37/40
Performance Evaluation Settings Sysbench for MySQL container on overlay filesystems to measure filesystem overhead. Machine 2 6core 16GB RAM MySQL container sysbench issue requests overlay filesystem • Sysbench oltp_read_write workload • 10s × 5 each • on overlay filesystems • overlayfs (kernel module) • fuse-overlayfs (FUSE) • our proposal 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 38/40
Performance Evaluation Results 1.3% 2.9% 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary higher is better lower is better 39/40
Future Work  Support image build  Support multiple/gradual boot layers  Support various filesystems/runtimes 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 40/40
Summary  Our research goal is reducing container boot latency with high compatibility  We proposed a new lazy layer pull approach with overlay filesystem  Our proposal improved average boot time by 10x at 100Mbps with little performance degradation 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 41/40

Recomendados

Hands on kubernetes_container_orchestration
Hands on kubernetes_container_orchestrationHands on kubernetes_container_orchestration
Hands on kubernetes_container_orchestration
Amir Hossein Sorouri
 
Course 102: Lecture 22: Package Management
Course 102: Lecture 22: Package Management Course 102: Lecture 22: Package Management
Course 102: Lecture 22: Package Management
Ahmed El-Arabawy
 
Startup Containers in Lightning Speed with Lazy Image Distribution
Startup Containers in Lightning Speed with Lazy Image DistributionStartup Containers in Lightning Speed with Lazy Image Distribution
Startup Containers in Lightning Speed with Lazy Image Distribution
Kohei Tokunaga
 
File handling.pptx
File handling.pptxFile handling.pptx
File handling.pptx
VishuSaini22
 
Tachyon-2014-11-21-amp-camp5
Tachyon-2014-11-21-amp-camp5Tachyon-2014-11-21-amp-camp5
Tachyon-2014-11-21-amp-camp5
Haoyuan Li
 
Docker and the Linux Kernel
Docker and the Linux KernelDocker and the Linux Kernel
Docker and the Linux Kernel
Docker, Inc.
 
Java IO
Java IOJava IO
Java IO
UTSAB NEUPANE
 
Android Application WebAPI Development Training
Android Application WebAPI Development TrainingAndroid Application WebAPI Development Training
Android Application WebAPI Development Training
OESF Education
 

Recomendados

Hands on kubernetes_container_orchestration
Hands on kubernetes_container_orchestrationHands on kubernetes_container_orchestration
Hands on kubernetes_container_orchestration
Amir Hossein Sorouri
 
Course 102: Lecture 22: Package Management
Course 102: Lecture 22: Package Management Course 102: Lecture 22: Package Management
Course 102: Lecture 22: Package Management
Ahmed El-Arabawy
 
Startup Containers in Lightning Speed with Lazy Image Distribution
Startup Containers in Lightning Speed with Lazy Image DistributionStartup Containers in Lightning Speed with Lazy Image Distribution
Startup Containers in Lightning Speed with Lazy Image Distribution
Kohei Tokunaga
 
File handling.pptx
File handling.pptxFile handling.pptx
File handling.pptx
VishuSaini22
 
Tachyon-2014-11-21-amp-camp5
Tachyon-2014-11-21-amp-camp5Tachyon-2014-11-21-amp-camp5
Tachyon-2014-11-21-amp-camp5
Haoyuan Li
 
Docker and the Linux Kernel
Docker and the Linux KernelDocker and the Linux Kernel
Docker and the Linux Kernel
Docker, Inc.
 
Java IO
Java IOJava IO
Java IO
UTSAB NEUPANE
 
Android Application WebAPI Development Training
Android Application WebAPI Development TrainingAndroid Application WebAPI Development Training
Android Application WebAPI Development Training
OESF Education
 
Docker Overview
Docker OverviewDocker Overview
Docker Overview
Gary Williams
 
IBM Index 2018 Conference Workshop: Modernizing Traditional Java App's with D...
IBM Index 2018 Conference Workshop: Modernizing Traditional Java App's with D...IBM Index 2018 Conference Workshop: Modernizing Traditional Java App's with D...
IBM Index 2018 Conference Workshop: Modernizing Traditional Java App's with D...
Eric Smalling
 
FILEgrain: Transport-Agnostic, Fine-Grained Content-Addressable Container Ima...
FILEgrain: Transport-Agnostic, Fine-Grained Content-Addressable Container Ima...FILEgrain: Transport-Agnostic, Fine-Grained Content-Addressable Container Ima...
FILEgrain: Transport-Agnostic, Fine-Grained Content-Addressable Container Ima...
Akihiro Suda
 
Building Quality Code That Lasts: A Dropbox Story. Ashley Nelson-Hornstein
Building Quality Code That Lasts: A Dropbox Story. Ashley Nelson-Hornstein Building Quality Code That Lasts: A Dropbox Story. Ashley Nelson-Hornstein
Building Quality Code That Lasts: A Dropbox Story. Ashley Nelson-Hornstein
Yandex
 
Tachyon: An Open Source Memory-Centric Distributed Storage System
Tachyon: An Open Source Memory-Centric Distributed Storage SystemTachyon: An Open Source Memory-Centric Distributed Storage System
Tachyon: An Open Source Memory-Centric Distributed Storage System
Tachyon Nexus, Inc.
 
Tachyon Presentation at AMPCamp 6 (November, 2015)
Tachyon Presentation at AMPCamp 6 (November, 2015)Tachyon Presentation at AMPCamp 6 (November, 2015)
Tachyon Presentation at AMPCamp 6 (November, 2015)
Tachyon Nexus, Inc.
 
Union FileSystem - A Building Blocks Of a Container
Union FileSystem - A Building Blocks Of a ContainerUnion FileSystem - A Building Blocks Of a Container
Union FileSystem - A Building Blocks Of a Container
Knoldus Inc.
 
Faster Container Image Distribution on a Variety of Tools with Lazy Pulling
Faster Container Image Distribution on a Variety of Tools with Lazy PullingFaster Container Image Distribution on a Variety of Tools with Lazy Pulling
Faster Container Image Distribution on a Variety of Tools with Lazy Pulling
Kohei Tokunaga
 
[FOSDEM 2020] Lazy distribution of container images
[FOSDEM 2020] Lazy distribution of container images[FOSDEM 2020] Lazy distribution of container images
[FOSDEM 2020] Lazy distribution of container images
Akihiro Suda
 
"Docker best practice", Станислав Коленкин (senior devops, DataArt)
"Docker best practice", Станислав Коленкин (senior devops, DataArt)"Docker best practice", Станислав Коленкин (senior devops, DataArt)
"Docker best practice", Станислав Коленкин (senior devops, DataArt)
DataArt
 
Exploiting Directory Permissions on macOS
Exploiting Directory Permissions on macOSExploiting Directory Permissions on macOS
Exploiting Directory Permissions on macOS
Csaba Fitzl
 
OpenEmbedded & BitBake - Denx
OpenEmbedded & BitBake - DenxOpenEmbedded & BitBake - Denx
OpenEmbedded & BitBake - Denx
yang firo
 
Folder structure & setup dev environment
Folder structure & setup dev environmentFolder structure & setup dev environment
Folder structure & setup dev environment
Thai Lam Ha
 
Live Container Migration: OpenStack Summit Barcelona 2016
Live Container Migration: OpenStack Summit Barcelona 2016Live Container Migration: OpenStack Summit Barcelona 2016
Live Container Migration: OpenStack Summit Barcelona 2016
Phil Estes
 
Expanding XPages with Bootstrap Plugins for Ultimate Usability
Expanding XPages with Bootstrap Plugins for Ultimate UsabilityExpanding XPages with Bootstrap Plugins for Ultimate Usability
Expanding XPages with Bootstrap Plugins for Ultimate Usability
Teamstudio
 
Lessons Learned Running Hadoop and Spark in Docker Containers
Lessons Learned Running Hadoop and Spark in Docker ContainersLessons Learned Running Hadoop and Spark in Docker Containers
Lessons Learned Running Hadoop and Spark in Docker Containers
BlueData, Inc.
 
Assessment item 1 File Systems and Advanced Scripting .docx
Assessment item 1 File Systems and Advanced Scripting .docxAssessment item 1 File Systems and Advanced Scripting .docx
Assessment item 1 File Systems and Advanced Scripting .docx
davezstarr61655
 
Developing a Framework for File Format Migrations. Joey Heinen and Andrea Goe...
Developing a Framework for File Format Migrations. Joey Heinen and Andrea Goe...Developing a Framework for File Format Migrations. Joey Heinen and Andrea Goe...
Developing a Framework for File Format Migrations. Joey Heinen and Andrea Goe...
12th International Conference on Digital Preservation (iPRES 2015)
 
Building Container Defence Executable at a Time.pdf
Building Container Defence Executable at a Time.pdfBuilding Container Defence Executable at a Time.pdf
Building Container Defence Executable at a Time.pdf
Suraj Deshmukh
 
What the Heck Just Happened?
What the Heck Just Happened?What the Heck Just Happened?
What the Heck Just Happened?
Ken Evans
 
Towards Isolated Execution at the Machine Level
Towards Isolated Execution at the Machine LevelTowards Isolated Execution at the Machine Level
Towards Isolated Execution at the Machine Level
Shinagawa Laboratory, The University of Tokyo
 
DMAFV: Testing Device Drivers against DMA Faults
DMAFV: Testing Device Drivers against DMA FaultsDMAFV: Testing Device Drivers against DMA Faults
DMAFV: Testing Device Drivers against DMA Faults
Shinagawa Laboratory, The University of Tokyo
 

Más contenido relacionado

Similar a 遅延レイヤ取得による高互換コンテナ起動高速化手法

FILEgrain: Transport-Agnostic, Fine-Grained Content-Addressable Container Ima...
FILEgrain: Transport-Agnostic, Fine-Grained Content-Addressable Container Ima...FILEgrain: Transport-Agnostic, Fine-Grained Content-Addressable Container Ima...
FILEgrain: Transport-Agnostic, Fine-Grained Content-Addressable Container Ima...
Akihiro Suda
 
[FOSDEM 2020] Lazy distribution of container images
[FOSDEM 2020] Lazy distribution of container images[FOSDEM 2020] Lazy distribution of container images
[FOSDEM 2020] Lazy distribution of container images
Akihiro Suda
 
Exploiting Directory Permissions on macOS
Exploiting Directory Permissions on macOSExploiting Directory Permissions on macOS
Exploiting Directory Permissions on macOS
Csaba Fitzl
 
OpenEmbedded & BitBake - Denx
OpenEmbedded & BitBake - DenxOpenEmbedded & BitBake - Denx
OpenEmbedded & BitBake - Denx
yang firo
 
Lessons Learned Running Hadoop and Spark in Docker Containers
Lessons Learned Running Hadoop and Spark in Docker ContainersLessons Learned Running Hadoop and Spark in Docker Containers
Lessons Learned Running Hadoop and Spark in Docker Containers
BlueData, Inc.
 
Assessment item 1 File Systems and Advanced Scripting .docx
Assessment item 1 File Systems and Advanced Scripting .docxAssessment item 1 File Systems and Advanced Scripting .docx
Assessment item 1 File Systems and Advanced Scripting .docx
davezstarr61655
 

Similar a 遅延レイヤ取得による高互換コンテナ起動高速化手法 (20)

Docker Overview
Docker OverviewDocker Overview
Docker Overview
 
IBM Index 2018 Conference Workshop: Modernizing Traditional Java App's with D...
IBM Index 2018 Conference Workshop: Modernizing Traditional Java App's with D...IBM Index 2018 Conference Workshop: Modernizing Traditional Java App's with D...
IBM Index 2018 Conference Workshop: Modernizing Traditional Java App's with D...
 
FILEgrain: Transport-Agnostic, Fine-Grained Content-Addressable Container Ima...
FILEgrain: Transport-Agnostic, Fine-Grained Content-Addressable Container Ima...FILEgrain: Transport-Agnostic, Fine-Grained Content-Addressable Container Ima...
FILEgrain: Transport-Agnostic, Fine-Grained Content-Addressable Container Ima...
 
Building Quality Code That Lasts: A Dropbox Story. Ashley Nelson-Hornstein
Building Quality Code That Lasts: A Dropbox Story. Ashley Nelson-Hornstein Building Quality Code That Lasts: A Dropbox Story. Ashley Nelson-Hornstein
Building Quality Code That Lasts: A Dropbox Story. Ashley Nelson-Hornstein
 
Tachyon: An Open Source Memory-Centric Distributed Storage System
Tachyon: An Open Source Memory-Centric Distributed Storage SystemTachyon: An Open Source Memory-Centric Distributed Storage System
Tachyon: An Open Source Memory-Centric Distributed Storage System
 
Tachyon Presentation at AMPCamp 6 (November, 2015)
Tachyon Presentation at AMPCamp 6 (November, 2015)Tachyon Presentation at AMPCamp 6 (November, 2015)
Tachyon Presentation at AMPCamp 6 (November, 2015)
 
Union FileSystem - A Building Blocks Of a Container
Union FileSystem - A Building Blocks Of a ContainerUnion FileSystem - A Building Blocks Of a Container
Union FileSystem - A Building Blocks Of a Container
 
Faster Container Image Distribution on a Variety of Tools with Lazy Pulling
Faster Container Image Distribution on a Variety of Tools with Lazy PullingFaster Container Image Distribution on a Variety of Tools with Lazy Pulling
Faster Container Image Distribution on a Variety of Tools with Lazy Pulling
 
[FOSDEM 2020] Lazy distribution of container images
[FOSDEM 2020] Lazy distribution of container images[FOSDEM 2020] Lazy distribution of container images
[FOSDEM 2020] Lazy distribution of container images
 
"Docker best practice", Станислав Коленкин (senior devops, DataArt)
"Docker best practice", Станислав Коленкин (senior devops, DataArt)"Docker best practice", Станислав Коленкин (senior devops, DataArt)
"Docker best practice", Станислав Коленкин (senior devops, DataArt)
 
Exploiting Directory Permissions on macOS
Exploiting Directory Permissions on macOSExploiting Directory Permissions on macOS
Exploiting Directory Permissions on macOS
 
OpenEmbedded & BitBake - Denx
OpenEmbedded & BitBake - DenxOpenEmbedded & BitBake - Denx
OpenEmbedded & BitBake - Denx
 
Folder structure & setup dev environment
Folder structure & setup dev environmentFolder structure & setup dev environment
Folder structure & setup dev environment
 
Live Container Migration: OpenStack Summit Barcelona 2016
Live Container Migration: OpenStack Summit Barcelona 2016Live Container Migration: OpenStack Summit Barcelona 2016
Live Container Migration: OpenStack Summit Barcelona 2016
 
Expanding XPages with Bootstrap Plugins for Ultimate Usability
Expanding XPages with Bootstrap Plugins for Ultimate UsabilityExpanding XPages with Bootstrap Plugins for Ultimate Usability
Expanding XPages with Bootstrap Plugins for Ultimate Usability
 
Lessons Learned Running Hadoop and Spark in Docker Containers
Lessons Learned Running Hadoop and Spark in Docker ContainersLessons Learned Running Hadoop and Spark in Docker Containers
Lessons Learned Running Hadoop and Spark in Docker Containers
 
Assessment item 1 File Systems and Advanced Scripting .docx
Assessment item 1 File Systems and Advanced Scripting .docxAssessment item 1 File Systems and Advanced Scripting .docx
Assessment item 1 File Systems and Advanced Scripting .docx
 
Developing a Framework for File Format Migrations. Joey Heinen and Andrea Goe...
Developing a Framework for File Format Migrations. Joey Heinen and Andrea Goe...Developing a Framework for File Format Migrations. Joey Heinen and Andrea Goe...
Developing a Framework for File Format Migrations. Joey Heinen and Andrea Goe...
 
Building Container Defence Executable at a Time.pdf
Building Container Defence Executable at a Time.pdfBuilding Container Defence Executable at a Time.pdf
Building Container Defence Executable at a Time.pdf
 
What the Heck Just Happened?
What the Heck Just Happened?What the Heck Just Happened?
What the Heck Just Happened?
 

Más de Shinagawa Laboratory, The University of Tokyo

Towards Isolated Execution at the Machine Level
Towards Isolated Execution at the Machine LevelTowards Isolated Execution at the Machine Level
Towards Isolated Execution at the Machine Level
Shinagawa Laboratory, The University of Tokyo
 

Más de Shinagawa Laboratory, The University of Tokyo (11)

Towards Isolated Execution at the Machine Level
Towards Isolated Execution at the Machine LevelTowards Isolated Execution at the Machine Level
Towards Isolated Execution at the Machine Level
 
DMAFV: Testing Device Drivers against DMA Faults
DMAFV: Testing Device Drivers against DMA FaultsDMAFV: Testing Device Drivers against DMA Faults
DMAFV: Testing Device Drivers against DMA Faults
 
Deriving Optimal Deep Learning Models for Image-based Malware Classification
Deriving Optimal Deep Learning Models for Image-based Malware ClassificationDeriving Optimal Deep Learning Models for Image-based Malware Classification
Deriving Optimal Deep Learning Models for Image-based Malware Classification
 
ライブマイグレーションにおけるサブページ書き込み保護の評価
ライブマイグレーションにおけるサブページ書き込み保護の評価ライブマイグレーションにおけるサブページ書き込み保護の評価
ライブマイグレーションにおけるサブページ書き込み保護の評価
 
A Robust and Flexible Operating System Compatibility Architecture
A Robust and Flexible Operating System Compatibility ArchitectureA Robust and Flexible Operating System Compatibility Architecture
A Robust and Flexible Operating System Compatibility Architecture
 
FaultVisor2: Testing Hypervisor Device Drivers against Real Hardware Failures
FaultVisor2: Testing Hypervisor Device Drivers against Real Hardware FailuresFaultVisor2: Testing Hypervisor Device Drivers against Real Hardware Failures
FaultVisor2: Testing Hypervisor Device Drivers against Real Hardware Failures
 
Distributed Denial of Service Attack Prevention at Source Machines
Distributed Denial of Service Attack Prevention at Source MachinesDistributed Denial of Service Attack Prevention at Source Machines
Distributed Denial of Service Attack Prevention at Source Machines
 
The Quick Migration of File Servers
The Quick Migration of File ServersThe Quick Migration of File Servers
The Quick Migration of File Servers
 
Unified Hardware Abstraction Layer with Device Masquerade
Unified Hardware Abstraction Layer with Device MasqueradeUnified Hardware Abstraction Layer with Device Masquerade
Unified Hardware Abstraction Layer with Device Masquerade
 
BMCArmor: A Hardware Protection Scheme for Bare-metal Clouds
BMCArmor: A Hardware Protection Scheme for Bare-metal CloudsBMCArmor: A Hardware Protection Scheme for Bare-metal Clouds
BMCArmor: A Hardware Protection Scheme for Bare-metal Clouds
 
VM-aware Adaptive Storage Cache Prefetching
VM-aware Adaptive Storage Cache PrefetchingVM-aware Adaptive Storage Cache Prefetching
VM-aware Adaptive Storage Cache Prefetching
 

Último

W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
panagenda
 
The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is inside
shinachiaurasa2
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
Health
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
VictorSzoltysek
 
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
OnePlan Solutions
 

Último (20)

HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
 
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdfAzure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
 
Exploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdfExploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdf
 
The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is inside
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
Define the academic and professional writing..pdf
Define the academic and professional writing..pdfDefine the academic and professional writing..pdf
Define the academic and professional writing..pdf
 
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park %in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
 
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdfPayment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
 
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
 
Pharm-D Biostatistics and Research methodology
Pharm-D Biostatistics and Research methodologyPharm-D Biostatistics and Research methodology
Pharm-D Biostatistics and Research methodology
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
VTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnVTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learn
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
 

遅延レイヤ取得による高互換コンテナ起動高速化手法

  • 2. Container is a mechanism to easily build, deploy and run applications everywhere. build share & deploy run scripts library binary config push pull Container Runtime (e.g. docker, podman) Container Image Container Image Platform (e.g. Cloud, Laptop, IoT) 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 1/40
  • 3. Container Image Pull is Slow Image pull occupy most part of container boot (c.f docker run) time. ※ Pull Image: download & unfreeze Image 0.0s 5.0s 10.0s 15.0s 20.0s 1 2 boot latency of major containers Series1 Series2 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 2/40
  • 4. Research Goal 1: Reducing Boot Latency Our research goal is to reduce containers’ boot latency. 0.0s 5.0s 10.0s 15.0s 20.0s 1 2 boot latency of major containers Series1 Series2 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 3/40
  • 5. Compatibility to Ecosystem is also Important  Many container images are already built based on image’s spec.  Currently over 4.5 million images are stored in DockerHub.  Many tools supporting containers are also based on specification. 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary Container’s Ecosystem consists of many tools & images 4/40
  • 6. Existing Methods have Problems in Compatibility Minimize Image • Building Apps on Small Base Image (e.g. Alpine Linux) ×incompatible in terms of packages & libraries • Removing Files Manually/Automatically ×degrading functionality Lazy Image Pull • NFS・P2P based Lazy Image Pull / Parallel Image Pull ×only applicable in clusters • Lazy Image Pull with Original Format Image ×hard to coexists with existing software & ecosystem • Lazy Layer Pull with Library Call Hook ×only apps using libc (shared library) are supported 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 5/40
  • 7. Research Goal 1. Reducing container’s boot time 2. Achieving high compatibility 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 6/40
  • 8. Base Idea for Our Proposal 1. Reducing container’s boot time ↑ Lazy Image Fetching 2. Achieving high applicability ↑ Conforming to container’s de facto standard (layer & overlay filesystem) 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 7/40
  • 9. Background 1: Lazy Image Fetching Only about 6.4% of data is need for container execution [1]. [1] Slacker: Fast Distribution with Lazy Docker Containers. FAST’16 Container process container image Container process container image unused data can be fetched lazily at run time only necessary data for boot should be fetched in advance normal lazy fetching all data is pulled in advance 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 8/40
  • 10. Background 2: Layers & Overlay Filesystem • A container image consists of stacked multiple layers • Each layer is a directory and distributed as a tar.gz file • Overlay filesystem manage layers and redirect accesses to each layer Container Image layer file access overlay filesystem 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 9/40
  • 11. overlay filesystem 1. Create boot layer on top of original image • consisting of necessary data for boot 2. Pull other layers lazily • Only boot layer is pulled on boot • Our overlay filesystem manages lazy pull Container Image layer file access pull layers lazily Concepts: Overlay Filesystem for Lazy Layer Pull 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 10/40
  • 12. There are some Design Choices & Problems How to know which file is needed for boot layer  Static analysis vs Dynamic analysis Unexpected Layer Pull 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 11/40
  • 13. There are some Design Choices & Problems How to know which file is needed for boot layer  Static analysis vs Dynamic analysis Unexpected Layer Pull 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 12/40
  • 14.  Static Image Analysis  analyze executable  consider domain knowledge × less general  Dynamic Analysis  run target container  trace file access dynamically ↑ our approach Design Choice 1: How to know which file is needed? overlay filesystem pull layers lazily 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 13/40
  • 15. There are some Design Choices & Problems How to know which file is needed for boot layer  Static analysis vs Dynamic analysis Unexpected Layer Pull 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 14/40
  • 16. Some file access needs additional information & pull all layers 1. Access to non-existing path • e.g. ) exec command new file creation, etc… 2. Reading directory entries • requires children files overlay filesystem pull layers lazily copying accessed files is not enough! Problem: Unexpected Layer Pull 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 15/40
  • 17. Case Study : Access to non-existing path overlay filesystem Need to pull all layers to know the absence of /sbin/bash ※ Creating new files causes the same problem Situation: exec bash with PATH=/sbin:/bin:… ①/sbin/bash ②/bin/bash 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 16/40
  • 18. Case Study: Reading Directory Entry overlay filesystem Just copying the directory doesn’t work. /dir /dir/fileA /dir/fileB Need to pull all layers to know each file 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 17/40
  • 19. Case Study: Reading Directory Entry overlay filesystem /dir /dir/fileA Copying the directory and its children doesn’t work, either. Need to pull all layers to know the absence of other files. 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary /dir/fileB 18/40
  • 20. Solution1: Whiteout files and opaque directories Utilize existing functionalities defined in specification, keeping compatibility 1. Access to non-existing path • Place whiteout files to notify the absence of the file 2. Reading directory entries • Copy all children into the boot layer • Set the directory as opaque to stop reading lower layers 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 19/40
  • 21. Case Study: Access to non-existing path Situation: exec bash with PATH=/sbin:/bin:… overlay filesystem Place the whiteout file to notify the absence of the file. ※ Whiteout files are originally for removing files ①/sbin/bash ②/bin/bash whiteout file for /sbin/bash (empty file at /sbin/.wh.bash) pull layers lazily pull of lower layers can be postponed 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 20/40
  • 22. Case Study: Reading Directory Entry overlay filesystem pull layers lazily Specify the directory as opaque to stop searching lower layers ※ Opaque Directories are originally for removing/creating directories stop searching pull of lower layers can be postponed 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 21/40
  • 23. Whiteout files & opaque directories are not enough for the following cases. • Case 1: creating files at random path • e.g.) python, golang, texlive • Case 2: interactive filesystem movement • e.g. ) cd, ls, find commands @ubuntu • e.g. ) creating new notebook @jupyter Problem(cont’d): Unpredictable File Access 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 22/40
  • 24. /sbin /etc /var /bin / /bash /ls /sbin /bin / /.wh..wh.llpfs /bash /sbin /etc /bin /ls /echo /echo /etc Original Image Boot Layer meta data tree copy only metadata of non-accessed files copy contents and metadata of accessed files 1. non-existing path can be decided. 2. The results of readdir operation can be generated. 3. Interactive application can work due to this extension (e.g. bash, jupyter) Situation: Executing bash with PATH=/sbin:/bin:… bash we can know the absence of /sbin/bash These files cannot be seen when mounted /var Solution2: Including All Metadata into Boot Layer 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 23/40
  • 25. Methods for Avoiding Unexpected Layer Pull We implemented two layer generation methods to solve this problem. 1. Using whiteout files & opaque directories • exploits existing functionalities defined in the image specification. 2. Including all metadata • create metadata dedicated file tree under specific path 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 24/40
  • 26. boot layer generation runtime Container Image layer file access component implementation Proposed System Architecture 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary Container process blgen (boot layer generator) registry overlay filesystem for access trace filesystem log push boot layer common layers Container process lazy layer pull manager container Runtime (podman) registry llpfs communicate via unix domain socket pull layers lazily start start start 25/40
  • 27. container runtime 1. start container runtime Lazy Layer Pull Procedure 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 26/40
  • 28. container runtime 1. start container runtime 2. initialize for new container llpfs start start lazy layer pull manager communicate via UNIX domain socket Lazy Layer Pull Procedure 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 27/40
  • 29. container runtime 1. start container runtime 2. initialize for new container 3. start new container llpfs lazy layer pull manager Container process start Lazy Layer Pull Procedure 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 28/40
  • 30. container runtime lazy layer pull manager Container process llpfs Request layer 1. start container runtime 2. initialize for new container 3. start new container 4. request the layer for file access Lazy Layer Pull Procedure 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 29/40
  • 31. container runtime lazy layer pull manager Container process llpfs pull layers lazily registry 1. start container runtime 2. initialize for new container 3. start new container 4. request the layer for file access 5. pull layer lazily Lazy Layer Pull Procedure 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 30/40
  • 32. container runtime 1. start container runtime 2. initialize for new container 3. start new container 4. request the layer for file access 5. pull layer lazily 6. notify layer pull completion 7. repeat 4〜6 from top to bottom till the file found lazy layer pull manager Container process llpfs registry notify layer pull completion Lazy Layer Pull Procedure 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 31/40
  • 33. container runtime lazy layer pull manager Container process llpfs registry pull layers lazily Asynchronous Lazy Layer Pull Start layer pull without request when async option is enabled 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 32/40
  • 34. Evaluation  Application Boot Time Evaluation  Performance Evaluation Environment Machine1(Application Boot Time) Machine2(Performance) CPU Intel Core i7-9700 Intel Xeon E5-2603 v4 CPU Clock 3.00GHz 1.70GHz #Core (Physical/Logical) 8/8 6/6 RAM 32GB 16GB Disk Samsung SSD 970 EVO Plus 500GB Samsung SSD 950 EVO Plus 256GB OS Ubuntu 18.04 (Linux Kernel 5.3.0) Ubuntu 20.04 (Linux Kernel 5.4.0) 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 33/40
  • 35. app container image registry Application Boot Time Evaluation Settings  Examine boot time of various popular applications  5 times per setting Applications • ubuntu(bash) • nginx • redis • buildpack • ※Spring Boot application built with buildpack • golang • python • texlive/texlive • jupyter/datascence-notebook Machine 1 8core / 32GB RAM VM 4core/8GB RAM VM 2core/8GB RAM connected with virtual network with 5Mbps, 10Mbps, 50Mbps, 100Mbps, 500Mbps, 1000Mbps, no limit bandwidth. 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 34/40
  • 36. Application Boot Case Study: jupyter notebook • Definition of Boot Time: The time up to first valid http response • Application(image) source • most popular official container • jupyter/datascience-notbook • obtained from DockerHub • Boot time is improved at any bandwidth 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 35/40
  • 37. Layer Generation Methods Comparison Boot Time is a bit faster without metadata files when possible 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 36/40
  • 38. Application Boot Time Evaluation Summary The boot times are improved with all settings maximum improvement ratio is 39x average improvement 1Gbps: 4.9X 100Mbps: 10X 10Mbps: 15X 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 37/40
  • 39. Performance Evaluation Settings Sysbench for MySQL container on overlay filesystems to measure filesystem overhead. Machine 2 6core 16GB RAM MySQL container sysbench issue requests overlay filesystem • Sysbench oltp_read_write workload • 10s × 5 each • on overlay filesystems • overlayfs (kernel module) • fuse-overlayfs (FUSE) • our proposal 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 38/40
  • 40. Performance Evaluation Results 1.3% 2.9% 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary higher is better lower is better 39/40
  • 41. Future Work  Support image build  Support multiple/gradual boot layers  Support various filesystems/runtimes 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 40/40
  • 42. Summary  Our research goal is reducing container boot latency with high compatibility  We proposed a new lazy layer pull approach with overlay filesystem  Our proposal improved average boot time by 10x at 100Mbps with little performance degradation 1. Background 2. Proposal 3. Design & Implementation 4. Evaluation 5. Summary 41/40