Proceedings of NetDev 1.1: The Technical Conference on Linux Networking (February 10th-12th 2016. Seville, Spain)
2
TRANSFORMING NETWORKING & STORAGE
About Myself:
I am a working for Intel for various projects, primarily Kernel
networking.
My website: http://ramirose.wix.com/ramirosen
I am the author of a book titled “Linux Kernel Networking” by Apress,
648 pages, 2014:
Proceedings of NetDev 1.1: The Technical Conference on Linux Networking (February 10th-12th 2016. Seville, Spain)
Agenda:
Overview of the cgroup subsystem and the namespace subsystem
cgroups
The PIDs cgroup controller
cgroup v2
namespaces
Backup
Proceedings of NetDev 1.1: The Technical Conference on Linux Networking (February 10th-12th 2016. Seville, Spain)
• The namespace subsystem and the cgroup
subsystem are the basis of lightweight process
virtualization.
• They form the basis of Linux containers.
• Can be used also for setting a testing environment or as a resource
management/resource isolation setup and for accounting.
• We will talk mainly about the kernel implementation with
some userspace usage examples.
lightweight process virtualization: A process which gives the user
an illusion that he runs a Linux operating system. You can run
many such processes on a machine, and all such processes in
fact share a single Linux kernel which runs on the machine.
Proceedings of NetDev 1.1: The Technical Conference on Linux Networking (February 10th-12th 2016. Seville, Spain)
This is opposed to hypervisor solutions, like Xen or KVM, where you
run another instance of the kernel.
The idea is not really a new paradigm - we have Solaris Zones and BSD
jails already several years ago.
It seems that Hypervisor-based VMs like KVM are here to stay (at least
for the next several years). There is an ecosystem of cloud infrastructure
around solutions like KVMs.
Advantages of Hypervisor-based VMs (like KVM) :
• You can create VMs of other operating systems (windows, BSDs).
• Security
• Though there were cases of security vulnerabilities which were found and
required installing patches to handle them (like VENOM).
Proceedings of NetDev 1.1: The Technical Conference on Linux Networking (February 10th-12th 2016. Seville, Spain)
