Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Containers in the upstream kernel (as compared to VZ kernel)

Containers in the upstream kernel (as compared to VZ kernel)

Sergey Bronnikov

August 20, 2015
Tweet

More Decks by Sergey Bronnikov

Other Decks in Programming

Transcript

  1. Containers in the upstream kernel
    (as compared to VZ kernel)
    Containers in the upstream kernel
    (as compared to VZ kernel)
    Kir Kolyshkin, Sergey Bronnikov
    OpenVZ
    Virtuozzo Containers

    View full-size slide

  2. Who we are?
    Who we are?
    • OpenVZ is an open source implementation of Linux containers
    • Kir Kolyshkin - leading OpenVZ for 10 years
    • Sergey Bronnikov - community manager of OpenVZ project

    View full-size slide

  3. OpenVZ contribution to the Linux kernel:
    OpenVZ contribution to the Linux kernel:
    0
    100
    200
    300
    400
    2000+ commits

    View full-size slide

  4. Is OpenVZ kernel upstreamed yet?

    Yes!

    About 60%

    Biggest pieces:
    – NET and PID namespaces
    – Memory cgroup, device cgroup
    – CRIU
    – NFS virtualization

    View full-size slide

  5. Virtuozzo kernel changes (LOC)
    Virtuozzo kernel changes (LOC)
    RHEL5 (2.6.18) RHEL6 (2.6.32) RHEL7 (3.10)
    0
    70000
    140000
    210000
    280000
    264,641
    202,746
    66,324

    View full-size slide

  6. Things we (still) need to add 1/2

    Ploop and related ext4 changes

    Memory management and accounting
    – backport of kmemcg
    – idle memory tracking (for vcmmd)
    – network buffers memory accounting
    – OOM killer virtualization

    /sys and /proc virtualization

    View full-size slide

  7. Things we (still) need to add 2/2

    Network: venet, iptables (marks)

    FUSE upstream backports

    Printk virtualization

    /dev/console virtualization

    Time namespace (for monotonic timers wrt migration)

    Misc legacy (vziolimit, vzlist, vzredir, vznetstat, beancounters...)
    – Beancounters: numiptent, numfile, numproc

    View full-size slide

  8. Any patches? Questions?
    Any patches? Questions?
    Kir Kolyshkin [email protected], @kolyshkin
    Sergey Bronnikov [email protected], @estet

    View full-size slide