[Beowulf] Docker vs KVM paper by IBM
andrew.holway at gmail.com
Mon Jan 26 11:10:42 PST 2015
The most interesting subject around docker is security and the fact that it
provides pretty much null actual "containerisation"
On 26 January 2015 at 18:57, Prentice Bisbal <prentice.bisbal at rutgers.edu>
> It's amazing what you can get published. Those results seem pretty obvious
> to me.
> On 01/21/2015 04:26 PM, Andrew Holway wrote:
>> On 19 August 2014 at 18:16, Kilian Cavalotti
>> <kilian.cavalotti.work at gmail.com> wrote:
>>> Hi all,
>>> On Tue, Aug 19, 2014 at 7:10 AM, Douglas Eadline <deadline at eadline.org>
>>>> I ran across this interesting paper by IBM:
>>>> An Updated Performance Comparison of Virtual Machines and Linux
>>> It's an interesting paper, but I kind of feel it's comparing apple to
>>> oranges. They're both round and tasty, but it's not really the same
>>> There's probably no need to detail this, but KVM is a virtualization
>>> infrastructure that run full stack OSes (using their own kernels) on
>>> top of a Linux kernel turned into an hypervisor. So yes, it carries
>>> the overhead of running a kernel over a kernel, but also the
>>> flexibility of doing so (ie. you can run different kernel/OS versions
>>> on top of each other, use virtual devices and so on).
>>> Docker, on the other hand, is a containerization infrastructure that
>>> run processes on top of an existing, regular kernel. Not to diminish
>>> its merits, which are great in many areas, but it's closer to a kind
>>> of glorified chroot.
>>> So, it's no surprise that Docker performance would be the same as the
>>> underlying OS's, while KVM overhead is much more important. There's a
>>> full layer of virtualization difference between the two.
>>> And they also a ran single VM or container per host. It would probably
>>> also be interesting to see what happens when your run multiple VMs or
>>> multiple containers on the same host.
>>> I guess it's nice somebody took the time to do the test, to ensure
>>> that Docker management or the LXC infrastructure was not impacting the
>>> containers performance too much, but I'm not sure I really understand
>>> the goal of the paper. Worst case, it will probably be misleading for
>>> people who will end up comparing two different tools with very
>>> different purposes and use cases. "What do you mean I can not upgrade
>>> the kernel in my container?"
>>> Beowulf mailing list, Beowulf at beowulf.org sponsored by Penguin Computing
>>> To change your subscription (digest mode or unsubscribe) visit
>> Beowulf mailing list, Beowulf at beowulf.org sponsored by Penguin Computing
>> To change your subscription (digest mode or unsubscribe) visit
> Prentice Bisbal
> Manager of Information Technology
> Rutgers Discovery Informatics Institute (RDI2)
> Rutgers University
> Beowulf mailing list, Beowulf at beowulf.org sponsored by Penguin Computing
> To change your subscription (digest mode or unsubscribe) visit
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Beowulf