Performance and isolation analysis of RunC, gVisor and Kata Containers runtimes
연구 분야: Software Development
학회: Cluster Computing
초록
Containers are resource-efficient and most IT industries are adopting container-based infrastructure. However, the security and isolation of the container is rather weak. In this work, we aim to conduct an in-depth quantitative analysis of the performance characteristics of containerization technologies that strengthen container isolation and security, and discuss the applicable scenarios of various containerization technologies. We evaluate multiple cloud resource management dimensions of RunC, gVisor, and Kata Containers runtimes, including performance, system call, startup time, density, and isolation. Experimental results show that RunC and Kata Containers have less performance overhead, while gVisor suffers significant performance degradation in I/O and system call, although its isolation is the best. Our work deepens the understanding of the container performance characteristics and may help cloud computing practitioners in making proper decisions on platform selection, system maintenance and/or design.
📄 논문 정보
| 발행 연도 | 2022년 |
|---|---|
| 인용수 | 25 |
| 출판 국가 | Andorra |
| 사이트 | Springer |
| 좋아요 수 | 0 |