Lightweight Container-based User Environment

Modern operating systems all support multi-users that users could share a computer simultaneously and not affect each other. However, there are some limitations. For example, privacy problem exists that users are visible to each other in terms of running processes and files. Moreover, users have little freedom to customize the system environment. Last, it is a burden for system administrator to safely manage and update system environment while satisfying multiple users. Facing the above problems, this paper proposes CUE, a Lightweight Container-based User Environment. CUE proposes a new notion that stands in between application container and operating system container:user container. CUE is able to give users more flexibility to customize their environment, achieve privacy isolation, and make system update easier and safer. Its goal is to optimize and enhance the multi-user notion of current operating system and being lightweight. Moreover, it is able to facilitate application deployment in high performance clusters. It is currently deployed in NUDT's Tianhe E prototype supercomputer. Experiment results show that it introduces negligible overhead.

[1]  Vanessa Sochat,et al.  Singularity: Scientific containers for mobility of compute , 2017, PloS one.

[2]  Yingwei Luo,et al.  Evaluating and Optimizing I/O Virtualization in Kernel-based Virtual Machine (KVM) , 2010, NPC.

[3]  Andy B. Yoo,et al.  Approved for Public Release; Further Dissemination Unlimited X-ray Pulse Compression Using Strained Crystals X-ray Pulse Compression Using Strained Crystals , 2002 .

[4]  James E. Smith,et al.  The architecture of virtual machines , 2005, Computer.

[5]  Jason Nieh,et al.  KVM/ARM: the design and implementation of the linux ARM hypervisor , 2014, ASPLOS.

[6]  Carl Boettiger,et al.  An introduction to Docker for reproducible research , 2014, OPSR.

[7]  David Bernstein,et al.  Containers and Cloud: From LXC to Docker to Kubernetes , 2014, IEEE Cloud Computing.

[8]  David H. Bailey,et al.  The NAS Parallel Benchmarks 2.0 , 2015 .

[9]  Yong Yu,et al.  A Synthetical Performance Evaluation of OpenVZ, Xen and KVM , 2010, 2010 IEEE Asia-Pacific Services Computing Conference.

[10]  Rami Rosen,et al.  Linux containers and the future cloud , 2014 .

[11]  Charles Anderson,et al.  Docker [Software engineering] , 2015 .

[12]  Weimin Zheng,et al.  VirtualCluster: Customizing the Cluster Environment through Virtual Machines , 2008, 2008 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing.

[13]  Eric W. Biederman,et al.  Multiple Instances of the Global Linux Namespaces , 2010 .

[14]  Garth N. Wells,et al.  Containers for Portable, Productive, and Performant Scientific Computing , 2016, Computing in Science & Engineering.

[15]  Jeanna Neefe Matthews,et al.  Quantifying the performance isolation properties of virtualization systems , 2007, ExpCS '07.

[16]  Lisa Gerhardt,et al.  Shifter: Containers for HPC , 2017 .

[17]  Thanh Bui,et al.  Analysis of Docker Security , 2015, ArXiv.

[18]  Florian Schmidt,et al.  My VM is Lighter (and Safer) than your Container , 2017, SOSP.

[19]  Dhabaleswar K. Panda,et al.  A case for high performance computing with virtual machines , 2006, ICS '06.

[20]  Attila Kovari,et al.  KVM & OpenVZ virtualization based IaaS open source cloud virtualization platforms: OpenNode, Proxmox VE , 2012, 2012 IEEE 10th Jubilee International Symposium on Intelligent Systems and Informatics.

[21]  Dirk Merkel,et al.  Docker: lightweight Linux containers for consistent development and deployment , 2014 .

[22]  Miika Komu,et al.  Hypervisors vs. Lightweight Virtualization: A Performance Comparison , 2015, 2015 IEEE International Conference on Cloud Engineering.

[23]  Ramakrishnan Rajamony,et al.  An updated performance comparison of virtual machines and Linux containers , 2015, 2015 IEEE International Symposium on Performance Analysis of Systems and Software (ISPASS).

[24]  Michael Shuey,et al.  Containers in Research: Initial Experiences with Lightweight Infrastructure , 2016, XSEDE.

[25]  Maxim Belkin,et al.  Container solutions for HPC Systems: A Case Study of Using Shifter on Blue Waters , 2018, PEARC.

[26]  Edward David Moreno,et al.  Performance Analysis of LXC for HPC Environments , 2015, 2015 Ninth International Conference on Complex, Intelligent, and Software Intensive Systems.

[27]  David H. Bailey,et al.  The Nas Parallel Benchmarks , 1991, Int. J. High Perform. Comput. Appl..

[28]  César A. F. De Rose,et al.  Performance Evaluation of Container-Based Virtualization for High Performance Computing Environments , 2013, 2013 21st Euromicro International Conference on Parallel, Distributed, and Network-Based Processing.