The Two Sides of Containers: Exploring the Balance Between Isolation and Performance of Virtualized Network Functions
Abstract
Network Function Virtualization (NFV) has been suggested as a solution to the telecommunications industry’s dependence on deploying dedicated physical devices to provide new functionality. Before NFV is widely adopted by the industry, it is essential that its robustness and performance aren’t far from what is observed in traditional middlebox solutions. The use of containers has been recently studied as a lightweight alternative to the vastly employed hardware virtualization. However, most studies don’t examine the effect of exerting isolation in the performance of containers. This factor can be decisive and should not be overlooked, specially considering that implementing isolation is a more intricate endeavour in containers than in hardware virtualization. This paper aims to characterize the trade-off relationship between isolation and performance in container based NFV environments, exploring technologies regarding isolation, communication, network functions and anomalies.
References
Barbosa, J., Oliveira, V., Bandini, M., Schulze, B., and Mury, A. (2014). N-Clusters : Ferramenta para a Gerência de Ambientes de Computação Massivamente Paralela e Distribuída. XXXII Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuídos, pages 1003–1010.
Claassen, J., Koning, R., and Grosso, P. (2016). Linux containers networking: Performance and scalability of kernel modules. Proceedings of the NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium, pages 713–717.
Felter, W., Ferreira, A., Rajamony, R., and Rubio, J. (2015). An updated performance comparison of virtual machines and Linux containers. 2015 IEEE International Symposium on Performance Analysis of Systems and Software (ISPASS), pages 171–172.
Han, B., Gopalakrishnan, V., Ji, L., and Lee, S. (2015). Network function virtualization: Challenges and opportunities for innovations. IEEE Communications Magazine, 53(2):90–97.
Heideker, A. and Kamienski, C. (2016). Gerenciamento Flexível de Infraestrutura de Acesso. XXXIV Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuídos.
Mijumbi, R., Serrat, J., Gorricho, J.-l., Bouten, N., Turck, F. D., and Member, S. (2016). Network Function Virtualization : State-of-the-Art and Research Challenges. IEEE Communications Surveys and Tutorials, 18(1):236–262.
Morabito, R., Kjällman, J., and Komu, M. (2015). Hypervisors vs. lightweight virtualization: A performance comparison. Proceedings - 2015 IEEE International Conference on Cloud Engineering, IC2E 2015, pages 386–393.
Netto, H., Lung, L. C., Correia, M., and Luiz, A. F. (2016). Gerenciamento Flexível de Infraestrutura de Acesso. XXXIV Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuídos.
Souza, J., Santos, A., Bandini, M., and Kl, H. (2016). Rufus : Ferramenta para o Gerenciamento de Infraestrutura para a Execução de Aplicações em Containers. XXXIV Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuídos.
