$30 off During Our Annual Pro Sale. View Details »

Software Execution Environmens - process, virtual machine, and container

Satoru Takeuchi
PRO
May 16, 2020
Technology
3
300

Software Execution Environmens - process, virtual machine, and container

This slide introduces the various software execution environments, like process, virtual, and container.

Satoru Takeuchi
PRO

May 16, 2020
Tweet

More Decks by Satoru Takeuchi

See All by Satoru Takeuchi
分散ストレージはすごいぞ
sat
PRO
1
380
device mapperによるディスクI/O障害のエミュレーション
sat
PRO
7
2.3k
Linuxのメモリ管理入門 プロセスごとに違う世界を見せる 仮想記憶
sat
PRO
1
44
18行のLinuxカーネルモジュールを 作ってみる
sat
PRO
1
110
lsblkコマンドのTYPEフィールドの値を自由に変更
sat
PRO
0
27
lsblkのtypeフィールドのしくみ
sat
PRO
2
70
俺とキャンプ
sat
PRO
1
150
OSカーネルに興味がある人におすすめの参考資料
sat
PRO
1
830
カーネルコードの歩き方
sat
PRO
4
3.1k

Other Decks in Technology

See All in Technology
サービスの1等地ホーム画面改善と効果的なステークホルダーマネジメント / Improvement of Prime Location Home Screen for Services and Effective Stakeholder Management
rilmayer
0
210
EventStormingとRDRA2.0で大規模レガシーシステムのフルリニューアルPJに挑む
leveragestech
0
1.4k
生成AIでシステム開発はどう変わるか
etaroid
18
7.7k
The Future of encoding/json
iamshunta
2
270
2023-12-01 吉祥寺.pm ベストプラクティスと組織とIaC
masasuzu
1
380
AWS re:Invent 2023の期間中に出たコンテナアップデート集
yoshiitaka
3
320
LLMエンジニアリングを加速させるソフトウェアアーキテクチャ
tkikuchi1002
0
520
「極意本」サンプルコードをクラウド上で動かそう
upura
1
850
231116 あつまれ入力デバイスの沼 Ryu.Cyberさん
comucal
PRO
0
230
VS CodeとPostmanを活用した効率的なAPI開発 / Efficient API development using VS Code and Postman
yokawasa
3
330
ECサイト向け決済機能の開発で学んだ外部決済サービスの活用ポイント
k1style
1
200
SOLID Is Dead, Long Live SOLID
lemiorhan
4
210

Featured

See All Featured
We Have a Design System, Now What?
morganepeng
41
6.5k
Streamline your AJAX requests with AmplifyJS and jQuery
dougneiner
130
9.8k
From Idea to $5000 a Month in 5 Months
shpigford
376
45k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
318
20k
Creatively Recalculating Your Daily Design Routine
revolveconf
208
11k
Statistics for Hackers
jakevdp
788
220k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
500
140k
Become a Pro
speakerdeck
PRO
8
3.6k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
1
890
10 Git Anti Patterns You Should be Aware of
lemiorhan
645
57k
The Straight Up "How To Draw Better" Workshop
denniskardys
226
130k
Building Better People: How to give real-time feedback that sticks.
wjessup
349
18k

Transcript

  1. Software execution Environments
    ~Process, virtual machine, and container
    May 15, 2020
    Kanazawa.rb meetup #93
    Satoru Takeuchi
    (twitter: satoru_takeuchi, EnSatoru)
    1

    View Slide

  2. Without process
    2
    program
    hardware
    access

    View Slide

  3. Process with primitiv kernels like poor embedded system
    3
    Process
    hardware
    access
    Process
    access


    kernel
    access


    access

    View Slide

  4. Process with modern kernels like Linux and NT kernel
    4
    kernel
    hardware
    process
    ①Requests with system calls
    ● File access
    ● Hardware access
    ● Inter process communication
    ②access
    access
    ×
    ×
    access


    process

    View Slide

  5. Virtual machine (qemu + kvm)
    5
    kernel
    hardware
    Process for virtual machine
    Virtual hardware
    kernel
    プロセス
    プロセス
    process
    ①trap
    ③request
    ④request
    access
    ×

    View Slide

  6. Container (with Linux’s namespace)
    6
    kernel
    hardware
    Container
    プロセス
    プロセス
    process
    Container
    プロセス
    process
    ×access

    View Slide

  7. Two types of containers
    7
    System container
    (for full featured OS environment)
    Application container
    (for only one application like Docker container)
    container
    Environment for all apps
    container
    app
    app
    Environment for an app
    app

    View Slide

  8. Security risks
    ● The required steps to attack other process
    8
    kernel kernel
    hardware hardware
    container
    プロセス
    プロセス
    process
    Virtual machine container
    Virtual machine
    Virtual hardware
    kernel
    process

    process

    process


    ③ ④

    View Slide

  9. Various container runtimes
    ● System call steps
    9
    runC(basic way) Kata Containers gVisor
    Namespace
    app
    kernel
    VM
    app
    kernel
    kernel
    app
    Userland
    kernel
    kernel
    hardware
    ① ②
    ① ②





    View Slide

  10. That’s all
    Question?
    10

    View Slide