A Fresh Look at the Architecture and Performance of Contemporary Isolation Platforms

Research output: Chapter in book/report/conference proceedingConference contributionResearchpeer review

Authors

External Research Organisations

  • Delft University of Technology
View graph of relations

Details

Original languageEnglish
Title of host publicationProceedings of the 22nd ACM/IFIP International Middleware Conference
ISBN (electronic)9781450385343
Publication statusPublished - 2021
Externally publishedYes
Event22nd ACM/IFIP International Middleware Conference - Virtual Event, Canada
Duration: 6 Dec 202110 Dec 2021

Abstract

With the ever-increasing pervasiveness of the cloud computing paradigm, strong isolation guarantees and low performance overhead from isolation platforms are paramount. An ideal isolation platform offers both: an impermeable isolation boundary while imposing a negligible performance overhead. In this paper, we examine various isolation platforms (containers, secure containers, hypervisors, unikernels), and conduct a wide array of experiments to measure the performance overhead and degree of isolation offered by the platforms. We find that container platforms have the best, near-native, performance while the newly emerging secure containers suffer from various overheads. The highest degree of isolation is achieved by unikernels, closely followed by traditional containers.

Keywords

    Containers, Virtual Machines, Performance

Cite this

A Fresh Look at the Architecture and Performance of Contemporary Isolation Platforms. / van Rijn, V.J.; Rellermeyer, Jan.
Proceedings of the 22nd ACM/IFIP International Middleware Conference. 2021.

Research output: Chapter in book/report/conference proceedingConference contributionResearchpeer review

van Rijn, VJ & Rellermeyer, J 2021, A Fresh Look at the Architecture and Performance of Contemporary Isolation Platforms. in Proceedings of the 22nd ACM/IFIP International Middleware Conference. 22nd ACM/IFIP International Middleware Conference, Canada, 6 Dec 2021. https://doi.org/10.1145/3464298.3493404
van Rijn, V. J., & Rellermeyer, J. (2021). A Fresh Look at the Architecture and Performance of Contemporary Isolation Platforms. In Proceedings of the 22nd ACM/IFIP International Middleware Conference https://doi.org/10.1145/3464298.3493404
van Rijn VJ, Rellermeyer J. A Fresh Look at the Architecture and Performance of Contemporary Isolation Platforms. In Proceedings of the 22nd ACM/IFIP International Middleware Conference. 2021 doi: 10.1145/3464298.3493404
van Rijn, V.J. ; Rellermeyer, Jan. / A Fresh Look at the Architecture and Performance of Contemporary Isolation Platforms. Proceedings of the 22nd ACM/IFIP International Middleware Conference. 2021.
Download
@inproceedings{59db9bb3c90b4c99bd81aab1f59ee624,
title = "A Fresh Look at the Architecture and Performance of Contemporary Isolation Platforms",
abstract = "With the ever-increasing pervasiveness of the cloud computing paradigm, strong isolation guarantees and low performance overhead from isolation platforms are paramount. An ideal isolation platform offers both: an impermeable isolation boundary while imposing a negligible performance overhead. In this paper, we examine various isolation platforms (containers, secure containers, hypervisors, unikernels), and conduct a wide array of experiments to measure the performance overhead and degree of isolation offered by the platforms. We find that container platforms have the best, near-native, performance while the newly emerging secure containers suffer from various overheads. The highest degree of isolation is achieved by unikernels, closely followed by traditional containers.",
keywords = "Containers, Virtual Machines, Performance",
author = "{van Rijn}, V.J. and Jan Rellermeyer",
year = "2021",
doi = "10.1145/3464298.3493404",
language = "English",
booktitle = "Proceedings of the 22nd ACM/IFIP International Middleware Conference",
note = "22nd ACM/IFIP International Middleware Conference ; Conference date: 06-12-2021 Through 10-12-2021",

}

Download

TY - GEN

T1 - A Fresh Look at the Architecture and Performance of Contemporary Isolation Platforms

AU - van Rijn, V.J.

AU - Rellermeyer, Jan

PY - 2021

Y1 - 2021

N2 - With the ever-increasing pervasiveness of the cloud computing paradigm, strong isolation guarantees and low performance overhead from isolation platforms are paramount. An ideal isolation platform offers both: an impermeable isolation boundary while imposing a negligible performance overhead. In this paper, we examine various isolation platforms (containers, secure containers, hypervisors, unikernels), and conduct a wide array of experiments to measure the performance overhead and degree of isolation offered by the platforms. We find that container platforms have the best, near-native, performance while the newly emerging secure containers suffer from various overheads. The highest degree of isolation is achieved by unikernels, closely followed by traditional containers.

AB - With the ever-increasing pervasiveness of the cloud computing paradigm, strong isolation guarantees and low performance overhead from isolation platforms are paramount. An ideal isolation platform offers both: an impermeable isolation boundary while imposing a negligible performance overhead. In this paper, we examine various isolation platforms (containers, secure containers, hypervisors, unikernels), and conduct a wide array of experiments to measure the performance overhead and degree of isolation offered by the platforms. We find that container platforms have the best, near-native, performance while the newly emerging secure containers suffer from various overheads. The highest degree of isolation is achieved by unikernels, closely followed by traditional containers.

KW - Containers

KW - Virtual Machines

KW - Performance

U2 - 10.1145/3464298.3493404

DO - 10.1145/3464298.3493404

M3 - Conference contribution

BT - Proceedings of the 22nd ACM/IFIP International Middleware Conference

T2 - 22nd ACM/IFIP International Middleware Conference

Y2 - 6 December 2021 through 10 December 2021

ER -

By the same author(s)

  1. Brug: An Adaptive Memory (Re-)Allocator

    Research output: Chapter in book/report/conference proceedingConference contributionResearchpeer review

  2. Is Your Anomaly Detector Ready for Change? Adapting AIOps Solutions to the Real World

    Research output: Chapter in book/report/conference proceedingConference contributionResearchpeer review

  3. Toward Competitive Serverless Deep Learning

    Research output: Chapter in book/report/conference proceedingConference contributionResearchpeer review

  4. The Performance of Distributed Applications: A Traffic Shaping Perspective

    Research output: Chapter in book/report/conference proceedingConference contributionResearchpeer review

  5. Log Parsing Evaluation in the Era of Modern Software Systems

    Research output: Chapter in book/report/conference proceedingConference contributionResearchpeer review