|
|
Subscribe / Log in / New account

Virtual machines as containers

By Jonathan Corbet
April 23, 2016
LSFMM 2016
Containers and virtualization are two distinct mechanisms for sharing a physical host across multiple tenants. Containers tend to be more resource-efficient than virtualization, but virtual machines can provide stronger isolation. Rik van Riel started a memory-management track session at the 2016 Linux Storage, Filesystem, and Memory-Management Summit by stating that there is an increasing level of interest in using virtual machines as if they were containers. One problem that results is that each virtual machine (VM) does its own caching, and, if left to its own devices, will fill its memory with cached data. That results in systems using much more memory than they really need, and reduces the number of VMs that can be packed into the host.

A longstanding approach to this problem is balloon drivers, which will "expand" by allocating memory from the guest and returning it to the host system. Ballooning is effective for extracting memory from guests, but it [Rik van Riel] doesn't answer one important question: when should this be done? Despite years of experience with virtualization, we don't really know how to do this sort of memory balancing.

James Bottomley suggested that it might be a good idea to use paravirtualization to move some memory-management decisions from the guest to the host. The Clear Containers project, for example, is using the DAX mechanism — implemented to allow direct access to file data stored in persistent memory — to share file pages with the host. That works well, though sharing of anonymous pages would be harder. Perhaps the guest could share its LRU list with the host; the host could then see what the guest is trying to do and make more intelligent memory-balancing decisions.

It should be possible to share all cached file data across the guests and the host if we had a paravirtualized page cache, James said: "how hard can it be?"

Even if page caching is moved out of guests, though, there would still need to be a way to put memory pressure on guests. Other caches, such as the inode and dentry caches, could still expand to fill all available memory. So the need for a way to quantify memory pressure and communicate it between the host and the guests does not go away. As the session wound down, it was agreed that there were some interesting ideas in play. How soon those ideas will be turned into code remains to be seen, though.

Index entries for this article
KernelContainers
ConferenceStorage, Filesystem, and Memory-Management Summit/2016

to post comments

Virtual machines as containers

Posted Apr 28, 2016 18:00 UTC (Thu) by eternaleye (guest, #67051) [Link] (1 responses)

Isn't this exactly a use case of CleanCache and FrontSwap - one of the ones explicitly described in their rationale prior to their being merged? ISTR a paravirt driver for them that _really did_ push pagecache pages (for CleanCache) and anonymous pages (for FrontSwap) to the host...

Virtual machines as containers

Posted Apr 28, 2016 20:58 UTC (Thu) by hansendc (subscriber, #7363) [Link]

Pages in CleanCache are not *usable*. The data has to be pulled out of CleanCache (and duplicated) before it can actually be used by a guest. So while CleanCache is an improvement over simply throwing data away, it is pretty inferior to mechanisms that allow the page to be both used and shared at the same time.


Copyright © 2016, Eklektix, Inc.
This article may be redistributed under the terms of the Creative Commons CC BY-SA 4.0 license
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds