Containers in the upstream kernel (as compared to VZ kernel)

Transcript

1. Containers in the upstream kernel (as compared to VZ kernel)

   Containers in the upstream kernel (as compared to VZ kernel) Kir Kolyshkin, Sergey Bronnikov OpenVZ Virtuozzo Containers

2. Who we are? Who we are? • OpenVZ is an

   open source implementation of Linux containers • Kir Kolyshkin - leading OpenVZ for 10 years • Sergey Bronnikov - community manager of OpenVZ project

3. OpenVZ contribution to the Linux kernel: OpenVZ contribution to the

   Linux kernel: 0 100 200 300 400 2000+ commits

4. Is OpenVZ kernel upstreamed yet? • Yes! • About 60%

   • Biggest pieces: – NET and PID namespaces – Memory cgroup, device cgroup – CRIU – NFS virtualization

5. Virtuozzo kernel changes (LOC) Virtuozzo kernel changes (LOC) RHEL5 (2.6.18)

   RHEL6 (2.6.32) RHEL7 (3.10) 0 70000 140000 210000 280000 264,641 202,746 66,324

6. Things we (still) need to add 1/2 • Ploop and

   related ext4 changes • Memory management and accounting – backport of kmemcg – idle memory tracking (for vcmmd) – network buffers memory accounting – OOM killer virtualization • /sys and /proc virtualization

7. Things we (still) need to add 2/2 • Network: venet,

   iptables (marks) • FUSE upstream backports • Printk virtualization • /dev/console virtualization • Time namespace (for monotonic timers wrt migration) • Misc legacy (vziolimit, vzlist, vzredir, vznetstat, beancounters...) – Beancounters: numiptent, numfile, numproc

8. Any patches? Questions? Any patches? Questions? Kir Kolyshkin [email protected], @kolyshkin

   Sergey Bronnikov [email protected], @estet