Showing 1–1 of 1 results for author: van Rijn, V

A Fresh Look at the Architecture and Performance of Contemporary Isolation Platforms

Authors: Vincent van Rijn, Jan S. Rellermeyer

Abstract: With the ever-increasing pervasiveness of the cloud computing paradigm, strong isolation guarantees and low performance overhead from isolation platforms are paramount. An ideal isolation platform offers both: an impermeable isolation boundary while imposing a negligible performance overhead. In this paper, we examine various isolation platforms (containers, secure containers, hypervisors, unikern… ▽ More With the ever-increasing pervasiveness of the cloud computing paradigm, strong isolation guarantees and low performance overhead from isolation platforms are paramount. An ideal isolation platform offers both: an impermeable isolation boundary while imposing a negligible performance overhead. In this paper, we examine various isolation platforms (containers, secure containers, hypervisors, unikernels), and conduct a wide array of experiments to measure the performance overhead and degree of isolation offered by the platforms. We find that container platforms have the best, near-native, performance while the newly emerging secure containers suffer from various overheads. The highest degree of isolation is achieved by unikernels, closely followed by traditional containers. △ Less

Submitted 21 October, 2021; originally announced October 2021.

Journal ref: Proceedings of the 22nd ACM/IFIP International Middleware Conference, 2022