Re: [Lsf-pc] [LSF/MM TOPIC] VM containers

From: James Bottomley
Date: Fri Jan 22 2016 - 11:05:15 EST

Next message: Rob Herring: "Re: [PATCH v4 1/2] devicetree: add binding for Sigma Designs SMP86xx interrupt controller"
Previous message: Josh Poimboeuf: "Re: [PATCH 26/33] x86/kvm: Add stack frame dependency to test_cc() inline asm"
In reply to: Rik van Riel: "[LSF/MM TOPIC] VM containers"
Next in thread: Johannes Weiner: "Re: [LSF/MM TOPIC] VM containers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 2016-01-22 at 10:56 -0500, Rik van Riel wrote:
> Hi,
>
> I am trying to gauge interest in discussing VM containers at the
> LSF/MM
> summit this year. Projects like ClearLinux, Qubes, and others are all
> trying to use virtual machines as better isolated containers.
>
> That changes some of the goals the memory management subsystem has,
> from "use all the resources effectively" to "use as few resources as
> necessary, in case the host needs the memory for something else".
>
> These VMs could be as small as running just one application, so this
> goes a little further than simply trying to squeeze more virtual
> machines into a system with frontswap and cleancache.
>
> Single-application VM sandboxes could also get their data
> differently,
> using (partial) host filesystem passthrough, instead of a virtual
> block device. This may change the relative utility of caching data
> inside the guest page cache, versus freeing up that memory and
> allowing the host to use it to cache things.
>
> Are people interested in discussing this at LSF/MM, or is it better
> saved for a different forum?

Actually, I don't really think this is a container technology topic,
but I'm only objecting to the title not the content. I don't know
Qubes, but I do know clearlinux ... it's VM based. I think the
question that really needs answering is whether we can improve the
paravirt interfaces for memory control in VMs. The biggest advantage
containers have over hypervisors is that the former know exactly what's
going on with the memory in the guests because of the shared kernel and
the latter have no real clue, because of the separate guest kernel
which only communicates with the host via hardware interfaces, which
leads to all sorts of bad scheduling decisions.

If I look at the current state of play, it looks like Hypervisors can
get an easy handle on file backed memory using the persistent memory
interfaces; that's how ClearLinux achieves its speed up today.
However, controlling guests under memory pressure requires us to have
a handle on the anonymous memory as well. I really think a topic
exploring paravirt interfaces for anonymous memory would be really
useful.

James

Next message: Rob Herring: "Re: [PATCH v4 1/2] devicetree: add binding for Sigma Designs SMP86xx interrupt controller"
Previous message: Josh Poimboeuf: "Re: [PATCH 26/33] x86/kvm: Add stack frame dependency to test_cc() inline asm"
In reply to: Rik van Riel: "[LSF/MM TOPIC] VM containers"
Next in thread: Johannes Weiner: "Re: [LSF/MM TOPIC] VM containers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]