Re-Imagining the Container Stack to Optimize Space and Speed


The line between containers and VMs can be thought of as a continuum, according to Graham Whaley, Sr. Software Engineer at Intel. In his keynote at LinuxCon Europe, he described a spectrum that runs from fully featured, accelerated, secure VMs all the way down to the barest-minimum lightweight container. He says, “Some people want one end of the spectrum, really time-critical, other people want security. We don’t have that today. What we’d like is a continuous choice of features. … That’s something we’re trying to enable.”

Whaley also talked about two VM myths:

  • VMs don’t have to be big: “I’ve seen embedded systems running hypervisors with tiny amounts of RAM. Admittedly, that VM may not have the features that you want to run a container, but it’s not actually that far off. Containers don’t require that many features at the bottom end.”
  • And they aren’t always slow: “Along with, or parallel with, ‘I’m big,’ comes slow. If you’re not that big, it’s pretty hard to be slow, if you’re very very small. Yeah, VMs don’t have to be this humongous behemoth that you can’t really use in your container space because they’re just too slow. That’s a legacy thing. We can move beyond that.”

Whaley talked about “re-imagining what we can do in the whole container cloud stack” with the goal of making a tenfold improvement in performance. The key to getting this kind of performance improvement is to take a fresh look without assuming that you need something equivalent to a self-contained PC. Their approach is to “throw that away, start again, and pick out the pieces we need from the VM.” By being very selective, including only the bare minimum of what is needed, and using some new technologies that increase performance, they are getting sub-50-millisecond boot times with around 50MB of overhead per container instance.

Whaley wraps it up with more information about next steps and where you can go to participate: “We do continue to optimize space and speed. Really, we want to look for that next tenfold improvement. What’s that next leap of faith, that change of architecture? We are redefining what’s possible. We’re an open project. … The code is available now on GitHub. We have an IRC channel and mailing list. Come to the web site where there’s Clear Linux, Clear Containers and Ciao.”

Watch the entire video to learn more about the Clear Linux project and Intel’s approach to improving performance of containers and VMs.
