PDF Editor
PDF Converter
Image Converter
Video Converter
Audio Converter
File Compressor
microservices unikernels portland state university cs

Microservices, Unikernels Portland State University CS 430P/530 - PowerPoint PPT Presentation

May 11, 2023 •360 likes •917 views

Virtual machines, Containers, Microservices, Unikernels Portland State University CS 430P/530 Internet, Web & Cloud Systems When en disks sks wer ere e flopp ppy.. .. WTH? Portland State University CS 430P/530 Internet, Web &

  1. Virtual machines, Containers, Microservices, Unikernels

  2. Portland State University CS 430P/530 Internet, Web & Cloud Systems

  3. When en disks sks wer ere e flopp ppy.. ..  WTH? Portland State University CS 430P/530 Internet, Web & Cloud Systems

  4. Sing ngle le pr process cess sy syst stem ems  Apple II, TRS-80  Single memory address space using real memory  Single CPU not shared  OS disk loads OS onto computer  OS loads program from another disk that takes over entire machine  Repeat entire sequence when you want to run another program Portland State University CS 430P/530 Internet, Web & Cloud Systems

  5.  How did it differ architecturally? Portland State University CS 430P/530 Internet, Web & Cloud Systems

  6. Mul ultipr tiprocess ocess shared red mem emory  Original Macintosh  Multiple processes and OS share CPU/memory  Explicit switching between processes  Still have a single, shared, real-memory address space Portland State University CS 430P/530 Internet, Web & Cloud Systems

  7. Issue…  Provides no isolation between apps and OS  Memory errors in one process can corrupt both the OS and other processes Portland State University CS 430P/530 Internet, Web & Cloud Systems

  8. How w did d th thes ese e sy syst stem ems s differ? er? Portland State University CS 430P/530 Internet, Web & Cloud Systems

  9. Mul ultipr tiprocess ocess virtual tual mem emory  IBM System 370 (1972), Windows NT (1993)  Operating system and hardware coordinate to provide virtual memory abstraction  Each process believes it owns all of real memory  OS implements a namespace for memory using PID  e.g. real addr = f(process ID, virtual addr)  Each process believes it owns the CPU  OS scheduler virtualizes CPU using process ID and stored CPU state  Transparent time-slicing of underlying CPU  All share underlying hardware through OS  Provides a “virtual computer” -ish abstraction Portland State University CS 430P/530 Internet, Web & Cloud Systems

  10. Multiprocess shared memory Multiprocess virtual memory (Real shared CPU/RAM/OS) (Virtual CPU/RAM, Real OS) Single process machines (Real CPU/RAM/OS) What resources are not virtualized in the OS? Portland State University CS 430P/530 Internet, Web & Cloud Systems

  11. Mul ultipr tiprocess ocess virtual tual mem emory y issue ues  Processes still share some operating system resources explicitly  File system  Networking ports  Users/groups  e.g. only memory has a name space (PID:VirtualAddress)  Security break in one application breaks others  Motivates… Portland State University CS 430P/530 Internet, Web & Cloud Systems

  12. Virtual tual Machin chine e (VMs) s)  Virtualize hardware to allow multiple operating systems to run  Like a name space for hardware resources  VM contains entire OS and application state  Virtualization layer multiplexes them onto underlying hardware  Virtualization (Hypervisor) Layer  Decouples OS from hardware  Enforces machine isolation and resource allocation between VMs  Each VM sees its own CPU, memory, network components, operating systems, and storage isolated from others (in theory… Spectre)  Hardware support via additions to x86 with Intel VT-x and AMD-V (2005) Portland State University CS 430P/530 Internet, Web & Cloud Systems

  13. Virtual tual ma machines hines  Ancient idea  Takes until 1999 before x86 gets its first hypervisor via VMware From IBM VM/370 product announcement, ca . 1972 2015 Portland State University CS 430P/530 Internet, Web & Cloud Systems

  14. Why virtu tualize alize?  Mail server, Database server, Web server all running different software stacks  Typically use a small percentage of resources on a single machine  Can get isolation of domains and better resource usage if multiplexed onto the same hardware using VMs  Prevent a compromise of one leading to a compromise of the other  On client…idea behind per-application VMs in QubesOS, Bromium Portland State University CS 430P/530 Internet, Web & Cloud Systems

  15. Types pes of hype pervis visor ors  Type-2 hypervisor  Host OS runs hypervisor (virtual machine monitor, virtualization layer)  Hypervisor runs independent guest VMs  Hypervisor traps privileged calls made by guest VMs and forwards them to host OS  Guest OSes must be hardware- compatible (e.g. can’t run an IBM AIX VM on your x86 laptop)  Examples: VMware Player, Virtual PC, VirtualBox, Parallels Portland State University CS 430P/530 Internet, Web & Cloud Systems

  16. Types pes of hype pervis visor ors  Type-1 (bare-metal) hypervisor  Removes underlying host OS  Hypervisor runs natively on hardware  Commonly used in data centers  Examples: KVM (used by GCP), Xen (used by AWS), Hyper-V (used by Azure), VMware ESXi Portland State University CS 430P/530 Internet, Web & Cloud Systems

  17. Multiprocess shared memory Multiprocess virtual memory (Real shared CPU/RAM/OS) (Virtual CPU/RAM, Real OS) Single process machines (Real CPU/RAM/OS) Virtual Machines (Virtual hardware, Real OS) Portland State University CS 430P/530 Internet, Web & Cloud Systems

  18. Iss ssue ues s wi with th VMs  Start-up time  Bringing VMs up and down requires OS boot process  Size  Entire OS and libraries replicated in memory and file system  Requires large amounts of resources (i.e. RAM) to multiplex guest OSes  Want isolation VMs provide without full replication of software stack  Not quite portable  VMs running on one cloud provider under one hypervisor can not be run on another cloud provider under a different one without modification  e.g. Moving an AWS EC2 instance to Google Compute Engine  Motivates… Portland State University CS 430P/530 Internet, Web & Cloud Systems

  19. Container tainers  Virtualize the operating system  So far  Traditional operating systems virtualize CPU and memory (e.g. processes)  Leave file-system and network shared amongst applications  Virtual machines virtualize hardware  Allows many types of guest OSes to run on a single machine (Windows, Linux) with complete separation  But, VM includes application, all of its libraries, and an entire operating system (10s of GB) Portland State University CS 430P/530 Internet, Web & Cloud Systems

  20. Container tainers  Virtualize the operating system  Container provides only application and its libraries running all in user-space  Operating system not replicated, but rather shared by containers  Each container sees its own virtual operating system  How? Portland State University CS 430P/530 Internet, Web & Cloud Systems

  21. Container tainer-enable enabled d OS OS (Linux nux 2008)  Provide name-spaces within kernel to isolate containers  Similar to PIDs providing namespace for virtual memory  But, virtualizes most of the rest (file system, network resources, etc).  Enforces isolation and performs resource allocation between containers  However, only compatible containers can run on top  e.g. only Linux containers can run on an underlying Linux OS Portland State University CS 430P/530 Internet, Web & Cloud Systems

  22. VMs s vs C s Cont ntainer ainers VM Container Container-enabled Portland State University CS 430P/530 Internet, Web & Cloud Systems

  23. Impl plementat ementation ion  Linux kernel provides “control groups” ( cgroups )  Introduced in 2008 (kernel 2.6.24)  Provide limits and prioritization of resources within OS per group  CPU, memory, block I/O, network, etc.  Done within OS instead of hypervisor  Namespace isolation via cgroups allows complete isolation of an applications' view of the operating environment  Separate process trees and PIDs  Separate networking system and sockets  Separate user IDs  Separate file systems (similar to chroot and BSD jails 2000)  Each associated with cgroup of container  Minimal replication costs in space/memory due to shared OS code Portland State University CS 430P/530 Internet, Web & Cloud Systems

  24. Be Benef efits its  Provides similar isolation and protection, but with lower overhead than VMs  Fast starting (better for autoscaling than VMs)  Memory footprint much smaller than a VM (can support 4-6x more)  Portable  Images contain all files and libraries needed to run  Runs the same on any compatible underlying OS  Repeatable  Runs the same regardless of where they are run  Runs on any cloud provider the same way  Solves the “works on my machine” problem (especially in courses!) Portland State University CS 430P/530 Internet, Web & Cloud Systems

  25.  Unify Dev and Production environments  Can go straight from one to the other without modification  Trivial to on-board new developers docker run company/dev_environment Developers IT , Cloud Operations SHIP RUN BUILD Create & Store Deploy, Manage, Development Images Scale Environments Portland State University CS 430P/530 Internet, Web & Cloud Systems

Recommend

Microservices Security Fundamentals MICROSERVICES SECURITY CHALLENGES Wojciech Lesniak PRINCIPAL

Microservices Security Fundamentals MICROSERVICES SECURITY CHALLENGES Wojciech Lesniak PRINCIPAL

Microservices Security Fundamentals MICROSERVICES SECURITY CHALLENGES Wojciech Lesniak PRINCIPAL DEVELOPER / TECH LEAD @voit3k Microservices International Data Corporation (IDC) predicts that by: 2019 Q1 Microservices International Data

641 views • 39 slides
uniprof: Transparent Unikernel Performance Profiling & Debugging Florian Schmidt, Research

uniprof: Transparent Unikernel Performance Profiling & Debugging Florian Schmidt, Research

uniprof: Transparent Unikernel Performance Profiling & Debugging Florian Schmidt, Research Scientist, NEC Europe Ltd. Unikernels? Faster, smaller, better! 2 Unikernels? Faster, smaller, better! clip arts: clipproject.info Unikernels

1.14k views • 71 slides
Solo5: A sandboxed, re-targetable execution environment for unikernels Dan Williams (IBM

Solo5: A sandboxed, re-targetable execution environment for unikernels Dan Williams (IBM

03/02/2019 Solo5: A sandboxed, re-targetable execution environment for unikernels Solo5: A sandboxed, re-targetable execution environment for unikernels Dan Williams (IBM Research), djwillia@us.ibm.com Martin Lucina (robur.io / CCT),

680 views • 32 slides
Portland Cement Concrete Portland Cement Concrete Portland cement concrete consists of a mixture

Portland Cement Concrete Portland Cement Concrete Portland cement concrete consists of a mixture

Portland Cement Concrete Portland Cement Concrete Portland cement concrete consists of a mixture of portland cement, coarse and fine aggregates, and water. It may be amended with admixtures, fibers, or certain supplementary cementitious

1.26k views • 78 slides
WHAT COMES AFTER MICROSERVICES? MATT RANNEY WHAT COMES AFTER MICROSERVICES? MATT RANNEY We

WHAT COMES AFTER MICROSERVICES? MATT RANNEY WHAT COMES AFTER MICROSERVICES? MATT RANNEY We

WHAT COMES AFTER MICROSERVICES? MATT RANNEY WHAT COMES AFTER MICROSERVICES? MATT RANNEY We hired lots of engineers. They wrote lots of software. This causes lots of problems. Why use microservices at all? Easier releases? Ef fj ciency

709 views • 55 slides
FROM HTTP TO KAFKA-BASED FROM HTTP TO KAFKA-BASED MICROSERVICES MICROSERVICES Wojciech Rzsa,

FROM HTTP TO KAFKA-BASED FROM HTTP TO KAFKA-BASED MICROSERVICES MICROSERVICES Wojciech Rzsa,

7/17/2019 From HTTP to Kafka-based microservices FROM HTTP TO KAFKA-BASED FROM HTTP TO KAFKA-BASED MICROSERVICES MICROSERVICES Wojciech Rzsa, FLYR Poland @wrzasa localhost:4567/index.html?print-pdf#/ 1/83 From HTTP to Kafka-based

1.15k views • 83 slides
Microservices and OSGi running with Apache Karaf Agenda No free Lunch - microservices

Microservices and OSGi running with Apache Karaf Agenda No free Lunch - microservices

Microservices and OSGi running with Apache Karaf Agenda No free Lunch - microservices microservices or Service? Free Lunch? - OSGi Services Services in the Apache Karaf ecosystem Showcase: https:/

690 views • 44 slides
Portland Housing Bureau Presentation to the Portland Clean Energy Fund Grant Committee PCEF

Portland Housing Bureau Presentation to the Portland Clean Energy Fund Grant Committee PCEF

Portland Housing Bureau Presentation to the Portland Clean Energy Fund Grant Committee PCEF Presentation | 2/18/2020 | Portland Housing Bureau Portland Housing Bureau What We Do Production and Preventing Ending Homeownership

265 views • 25 slides
Why Portland? Portland CRE Trends and Regional Market Overview Portland Why all the hype?

Why Portland? Portland CRE Trends and Regional Market Overview Portland Why all the hype?

Why Portland? Portland CRE Trends and Regional Market Overview Portland Why all the hype? Healthiest Economy Best Place to Live in US #1 #1 Bloomberg - Economic Evaluation of Money magazine 2015 States 2016 Top Moving US City for

319 views • 21 slides
Part 1: Overview of Portland Loo- Development, Design and Features 2 What is the Portland Loo?

Part 1: Overview of Portland Loo- Development, Design and Features 2 What is the Portland Loo?

The Portland Loo : World Class Solution to Your Citys Public Restroom Needs Part 1: Overview of Portland Loo- Development, Design and Features 2 What is the Portland Loo? The Portland Loo is a single occupancy, public toilet with

670 views • 32 slides
Seattle, Wa Portland, Or Portland, Or Portland, Or

Seattle, Wa Portland, Or Portland, Or Portland, Or

Seattle, Wa Portland, Or Portland, Or Portland, Or

381 views • 4 slides
Beyond Microservices: Streams, State and Scalability Gwen Shapira, Engineering Manager @gwenshap

Beyond Microservices: Streams, State and Scalability Gwen Shapira, Engineering Manager @gwenshap

1 Beyond Microservices: Streams, State and Scalability Gwen Shapira, Engineering Manager @gwenshap 2 In the beginning 3 We Have Microservices 3 4 We Microservices 4 5 They need to communicate 5 I know! Ill use REST APIs 6

751 views • 64 slides
Events First Microservices Jonas Bonr @jboner So, you want to do microservices? Make sure

Events First Microservices Jonas Bonr @jboner So, you want to do microservices? Make sure

Designing Events First Microservices Jonas Bonr @jboner So, you want to do microservices? Make sure you dont end up with Microliths Make sure you dont end up with Microliths We can do better than this Events First Domain Driven

1.68k views • 150 slides
KrakenD API Gateway Product overview @devopsfaith Microservices are challenging The need for

KrakenD API Gateway Product overview @devopsfaith Microservices are challenging The need for

KrakenD API Gateway Product overview @devopsfaith Microservices are challenging The need for agility and scalability has driven Microservices adoption, but: 91% of Internet businesses are using or have plans to use microservices 86% expect

696 views • 53 slides
Microservices: Service Oriented Development Rafael Schloming How do I break up my monolith? How

Microservices: Service Oriented Development Rafael Schloming How do I break up my monolith? How

Microservices: Service Oriented Development Rafael Schloming How do I break up my monolith? How do I architect my app with microservices? What infrastructure do I need in place before I can benefit from microservices? datawire.io 2

770 views • 50 slides
Microservices and Monorepos Match made in heaven? Sven Erik Knop, Perforce Software Overview

Microservices and Monorepos Match made in heaven? Sven Erik Knop, Perforce Software Overview

Microservices and Monorepos Match made in heaven? Sven Erik Knop, Perforce Software Overview Microservices refresher Microservices and versioning What are Monorepos and why use them? These two concepts seem to contradict why

1.08k views • 23 slides
j t t t q t t t t t q t t LAW-MWE-CxG-2018 @ COLING 2018 t q t q t t t t t q t t t t t

j t t t q t t t t t q t t LAW-MWE-CxG-2018 @ COLING 2018 t q t q t t t t t q t t t t t

q q q t t q t t t t q t t t t t q t t t t t q t to Enhanced Universal Dependencies t t t q t t t t q t From Lexical Functional Grammar t t t q t t t t t q t Adam Przepirkowski and Agnieszka Patejuk t t q t t t q j t t

689 views • 37 slides
Talk to me Drupal Talk to me Drupal Using Drupal to power a Voice App Speaker notes Talk to me

Talk to me Drupal Talk to me Drupal Using Drupal to power a Voice App Speaker notes Talk to me

Talk to me Drupal Talk to me Drupal Using Drupal to power a Voice App Speaker notes Talk to me Drupal; Using Drupal to power a Voice App You should be able to follow along by visiting the link below. If you have an Echo device, please mute the

1.67k views • 87 slides
Learning to Compose Relational Embeddings in Knowledge Graphs Wenye Chen, Huda Hakami, Danushka

Learning to Compose Relational Embeddings in Knowledge Graphs Wenye Chen, Huda Hakami, Danushka

Learning to Compose Relational Embeddings in Knowledge Graphs Wenye Chen, Huda Hakami, Danushka Bollegala Relation Composition Knowledge Graphs (KG) (e.g. Freebase) represent knowledge in the form of relations between entities (Tim Cook,

168 views • 16 slides
Categorizing objects: global and part based models global and part-based models of appearance

Categorizing objects: global and part based models global and part-based models of appearance

9/21/2012 Categorizing objects: global and part based models global and part-based models of appearance Kristen Grauman UT Austin Generic categorization problem 1 9/21/2012 Challenges: robustness Realistic scenes are crowded, cluttered,

699 views • 54 slides
CNT 5410 - Computer and Network Security: Web Security Professor Kevin Butler Fall 2015

CNT 5410 - Computer and Network Security: Web Security Professor Kevin Butler Fall 2015

CNT 5410 - Computer and Network Security: Web Security Professor Kevin Butler Fall 2015 Southeastern Security for Enterprise and Infrastructure (SENSEI) Center Network vs. Web Security Southeastern Security for Enterprise and Infrastructure

710 views • 58 slides
Through Computer and Information Science June 4, 2012 ICCS2012 Dr. Frederica Darema Air Force

Through Computer and Information Science June 4, 2012 ICCS2012 Dr. Frederica Darema Air Force

New Frontiers Through Computer and Information Science June 4, 2012 ICCS2012 Dr. Frederica Darema Air Force Office of Scientific Research Integrity Service Excellence 12 June 2012 1 Transformation Inducing Directions

665 views • 55 slides
Activity 1 Word Classes Starter spellings augh/ough The grapheme ough is a very

Activity 1 Word Classes Starter spellings augh/ough The grapheme ough is a very

Activity 1 Word Classes Starter spellings augh/ough The grapheme ough is a very rare spelling variation of the /or/ (or /aw/) phoneme. Words such as ought, nought, bought and thought, however, are used very

1.08k views • 103 slides
Neural Network Basics Niloy Mitra Iasonas Kokkinos Paul Guerrero Vladimir Kim Kostas Rematas

Neural Network Basics Niloy Mitra Iasonas Kokkinos Paul Guerrero Vladimir Kim Kostas Rematas

Deep Learning for Graphics Neural Network Basics Niloy Mitra Iasonas Kokkinos Paul Guerrero Vladimir Kim Kostas Rematas Tobias Ritschel UCL UCL/Facebook UCL Adobe Research U Washington UCL EG Course Deep Learning for Graphics Timetable

2.26k views • 188 slides

More recommend

Logo Sambuz

Unleash a World of Digital Possibilities—Browse, Share, and Explore Content Without Boundaries

Useful Links

About Us Privacy Services FAQ's Contact

Newsletter

Stay Informed & Inspired—Subscribe for the Latest Updates, Tips, and Exclusive Content Directly to Your Inbox.

Mail Us

mail@sambuz.com

2025 SAMBUZ, All right reserved.