Container-based operating system virtualization

TLDR

Hypervisors such as Xen and VMware are becoming commodity, yet many high‑performance computing and hosting scenarios still demand system virtualization with strong isolation and efficiency, prompting interest in container‑based approaches like Solaris 10, Virtuozzo, and Linux‑VServer. This paper proposes Linux‑VServer as a container‑based alternative to hypervisors, detailing its design and implementation for high‑performance, isolated system virtualization. Linux‑VServer combines resource and security container techniques within a general‑purpose, time‑shared OS to provide efficient, isolated virtualization. Compared with current Xen generations, Linux‑VServer delivers comparable isolation while achieving superior system efficiency.

Abstract

Hypervisors, popularized by Xen and VMware, are quickly becoming commodity. They are appropriate for many usage scenarios, but there are scenarios that require system virtualization with high degrees of both isolation and efficiency . Examples include HPC clusters, the Grid, hosting centers, and PlanetLab. We present an alternative to hypervisors that is better suited to such scenarios. The approach is a synthesis of prior work on resource containers and security containers applied to general-purpose, time-shared operating systems. Examples of such container-based systems include Solaris 10, Virtuozzo for Linux, and Linux-VServer. As a representative instance of container-based systems, this paper describes the design and implementation of Linux-VServer. In addition, it contrasts the architecture of Linux-VServer with current generations of Xen, and shows how Linux-VServer provides comparable support for isolation and superior system efficiency.

References

Page 1

	Year	Citations

Page 1