Shulou(Shulou.com)05/31 Report--

This article introduces the relevant knowledge of "what are the advantages of Container". In the operation of actual cases, many people will encounter such a dilemma. Then let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!

The advantages of Container can be summarized as follows:

Increase computing density

A virtual machine takes up more than ten times more resources than an Container. It is difficult to operate a hundred virtual machines on one physical machine, but it is normal to implement more than 100 or even hundreds of Container. Tencent is using Container a lot. The last time a large Internet company upgraded its release, it was mainly to use Cgroups to facilitate the limitation of resources in order to make full use of CPU. To know that companies with the ability to maintain their own versions of the kernel, it is not easy to make such a decision, so the benefits are huge.

Big Internet companies are perfect for Container,Facebook without a virtual machine, because these Internet companies require full use of computing resources. The virtual machine at least needs to run another Guest system, which consumes too much resources.

At the same time, there are not many operating systems within these big companies, and there is only one operating system in the cluster, and even the version number is fixed. Therefore, the heterogeneous operating system features of virtual machines are not needed.

In addition, there is also Runtime Library,Container on the operating system that does not need to be loaded repeatedly, which greatly saves memory consumption.

Finally, because there are more common resources, Container is relatively more likely to be oversold, actually selling more than physical machines.

Finer resource control

Here, take the most popular Linux Container (LXC) as an example, Linux Container is divided into two parts, Cgroups is used to restrict resources, and Namespace is used to isolate resources. Recently, the Linux kernel has made a lot of improvements to LXC, including the addition of user to Namespace in version 3.8. in the future, better CRIU support will be added to make Container look more like a virtual machine.

In addition, Container also has its own advantages in database isolation. There are usually two ideas for cloud-based databases:

First, set up a large database for everyone to use. But how to do resource isolation and security isolation? SAE filters out unreasonable SQL by adding SQL filters (CSDN will interview SAE Chief architect Cong Lei in the near future to explain SAE's resource isolation strategy). Shanda Cloud's MongoDB service adopts a similar strategy, limiting unreasonable requests by judging the execution time. But this method has drawbacks, first of all, we can not enumerate all unreasonable requests, this is a typical downtime problem, even if it is practical in engineering, maintaining a large number of rule bases will make administrators miserable. Just see how many features antivirus software needs to maintain. Secondly, the database code needs to be modified, and these changes will not be accepted by the community at present, because the community believes that resource isolation is not what the database should do.

Second, put each user's database in a Container and use Container to limit resources. There is no need to modify the database. Each user's Container has its own database, and the resources between users are completely isolated. However, there is a view that it is a waste of resources to launch one instance per Container. In fact, the same Runtime will not repeatedly occupy resources, but also can better limit resources, and the operation is simple. At present, some third-party plug-ins for Heroku do database isolation in this way. OpenShift isolates resources through Gear and Cartridges, and each application has its own private small database.

Shorter provisioning Tim

The provisioning time of the virtual machine is in minutes, while the Container is in seconds. Imagine that in the scenario of Taobao Singles Day holiday, it is obviously too slow for the virtual machine to start in a few minutes. In addition, LXC also has a very interesting technology, called systemd, which is the next generation starter, which can greatly accelerate the startup speed and integrates perfectly with LXC, and some advanced functions are implemented on LXC.

Another very important technology in this section is the file system. Improving provisioning time requires the cooperation of file systems, such as ploop, aufs, overlayfs and other file systems have some very interesting technologies that can be used in Container snapshots, replication and so on.

Container-style PaaS assembly is more flexible

I think it's a trend for users to assemble their own PaaS according to their own needs. There are different implementations between different modules that can be replaced. For example, if you think that Docker's encapsulation of LXC is not good, you can change it.

Cloud Foundry also began to pay attention to LXC, encapsulating Container through Warden, but from a technical point of view, Cloud Foundry's architecture is too large, it wants to do everything in PaaS, but each piece is not well done, and the coupling is high. For example, it is very difficult for me to change Warden to Docker.

PaaS platforms represented by Cloud Foundry tend to be heavy, while those like Docker are lightweight framework representatives. I think lightweight platforms are better and more promising because they are more flexible. I thought it was quite clear what PaaS should look like last year, but this year I think there will be a lot of variables, so I prefer a flexible plan.

Less than two days after it was released on Github. the Docker project ranked first on the list of Google languages, indicating that the community is very recognized. In addition, there are a lot of PaaS tools written in Go language, and there is a tendency to shine. And Cloud Foundry almost always depends on VMware's deep pockets. Only with the joint participation of everyone can the project have vitality. Cloud Foundry's community contribution is very poor, most of which are contributed by VMware (Pivotal)'s own engineers.

Trends and challenges of Container

Compared with virtual machines, the isolation of LXC is not complete, and advanced features, including thermal transfer, are also being improved. Cheng Xianfeng summarized the development trends and challenges of LXC into the following four points:

Container has gained wider support

OpenStack now has strong support for LXC. When OpenStack supports Container, this will lead to the promotion of the technology in the Internet community. At the same time, there will be some innovation based on OpenStack+LXC.

In addition, ActiveState Software has long tied Cloud Foundry and LXC together to launch a commercial version.

CoreOS, dotCloud, PiCloud and other companies that are popular these days are all staunch supporters of LXC, and the authors of systemd and the development team of OpenVZ all work together to support LXC.

VPS is a typical application scenario of Container. Basically, 90% of the VPS platforms in the global market use OpenVZ. It is a kind of Container, but it is not accepted by the community because the changes to Container are too large. But the commercial version of OpenVZ is much more mature than Linux Container and can support hot migration. The author of OpenVZ submitted more than a hundred patch for Linux Container. There are already many community activists contributing to Linux Container.

There is a gap between LXC and virtual machine in some respects.

Resource limitation and isolation are not complete, such as time isolation. Now LXC isolation is only a few aspects, processes, mounted resources, users, about six points, in fact, it is far from enough.

Virtual machine heat transfer technology has been very mature, while LXC still has a gap and is under improvement. It is reported that there will be a great improvement in Linux kernel 3.11.

Debugging tools are gradually improved

Cloud computing debugging is a very headache, if the application runs in the virtual machine, the administrator is very difficult to manage. Container has some transparency to the operating system, such as abnormal calls to process, which can be seen by the administrator.

Why don't people use cloud computing? Most people say that deployment habits are different, debugging and deployment is not convenient, why are people willing to use virtual machines? The way the virtual machine is debugged is no different from the way he debugs on the physical machine, and this habit is difficult to change.

The debugging of Cloud Foundry, SAE and Azure has not been solved thoroughly. Debugging through a local simulator alone will not solve the fundamental problem.

Debugging tools will also make some new breakthroughs in the near future, with language-level ones like Ruby2.0 adding support for DTrace later. I am very optimistic about technologies such as Dtrace and SystemTap, especially in PaaS debugging, you can follow the blog of Zhang Yichun and Yu Feng.

PaaS service is still not perfect.

Although all kinds of PaaS emerge one after another, and Cloud Foundry, OpenShift and Azure are also sparing no effort to create a more easy-to-use PaaS platform, there are still various shortcomings and challenges. Whether self-built or using third-party platforms, PaaS is far from mature. Cheng Xianfeng believes that:

There is no unified understanding of the PaaS platform.

What exactly should the PaaS look like? What is a mature PaaS? Now there is no unified understanding. Microsoft Azure, Heroku and Cloud Foundry, each PaaS has different boundaries and content.

Microsoft Azure flexible database, Service Bus. Amazon has a similar service. Do these services belong to IaaS or PaaS? What users need is a very complete service, and there is a lot of work to be done for both IaaS and PaaS. Therefore, if we look at PaaS now, I think it is very difficult to provide services under one system. And Docker this flexible solution, only do a certain piece of service, and then assembled together may be a better way.

From the above we can also see that the current cloud computing model is far from the three-tier IaaS, PaaS, SaaS as simple. Many components can be used as a service. Where should these components be placed? In fact, the relationship is very complicated, each family has its own views, and these views still change a lot over time. One of my views is that it is easier to break through a single technology to make accepted components, and it is more difficult to reach agreement on the overall structure.

It is also troublesome that there is no perfect self-built IaaS for public cloud in China.

The underlying basic resources of PaaS must be flexible. If you adopt a self-built private cloud, you will probably need to build OpenStack, which is a lot of work. If rooted in the public cloud, China is not as mature as Amazon, Azure or Rackspace in the United States, Aliyun's API is not sound enough to support. In China, if the problem of resource elasticity at the bottom cannot be solved, PaaS will be a castle in the air.

Standards and interoperability are also headaches. Domestic Internet companies do not cooperate with each other enough, and they do not pay enough attention to standards and norms. Some people say that clouds are hydropower, but the problem is that hydropower is highly homogeneous, and we haven't seen which clouds are homogeneous yet. There are also some foreign companies that do cross-platform cloud management, which is even more difficult at home, which is also a potential risk of being a public PaaS.

Of course, the serious separation of domestic networks is also a negative impact on the development of cloud computing. These should not be considered by a PaaS provider, but our national conditions require us to consider them.

Need solid service support

PaaS also needs other services, such as Cache, load balancing, database, message queuing, and logging, which are valuable only if they all include the PaaS platform. When developers run applications on PaaS, if they have to build these services themselves, and then do HA, this deviates from the original intention of PaaS. Because, in fact, the application is not the focus of operation and maintenance, focusing on the peripheral services mentioned above, the operation and maintenance costs of these services are very high, and do not reflect the core values of developers.

JD.com did better. Because Cloud Foundry's services are not cloud-based, HA is not available. JD.com needs to do cloud, and he has done the basic services mentioned above.

Looking forward to Cloud Foundry, OpenShift, Azure

Cloud Foundry will launch a commercial version this year, Azure is paying more and more attention to the open source community, and OpenShift continues its cloud strategy. At the end of the interview, Cheng Xianfeng made a summary:

JD.com uses OpenStack + Cloud Foundry at the bottom of the cloud and will still follow the Internet-style technical route in the long run. Maybe a month later, JD.com would have chosen OpenShift, because from a technical point of view, OpenShift is a little better than Cloud Foundry.

The OpenShift code is fairly regular, while the Cloud Foundry code is not the product of the community, and in many places it is not like the work of a big company. In my opinion, most of them do not end well in history if they are separated from the community and do one thing alone.

From some of the reports I read, VMware's lead in virtualization technology is no longer obvious. There is no obvious difference between Microsoft's platform and VMware. After all, Microsoft has an operating system and a lot of commercial software, which is difficult for other companies to own. At the same time, Microsoft has its own commercial public cloud Azure, which is a good testing ground for new technologies, and VMware has not yet operated its own public cloud.

This is the end of the content of "what are the advantages of Container". Thank you for reading. If you want to know more about the industry, you can follow the website, the editor will output more high-quality practical articles for you!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.