Version 4 (modified by Ted Faber, 12 years ago)


The DETER Containers System

The Containers system enables experimenters to create large-scale DETER topologies that support differing degrees of fidelity in individual elements. In order to create an experiment larger than the 400+ computers in DETER, experimenters must use virtualization, simulation, or some other abstraction to represent their topology. The container system guides this process, allowing experimenters to create large experimental environments that can be used to gather correct results.

The container system is built on top of the Emulab-based resource allocation that underlies the DETERlab testbed, extending it to provide multiple implementations of virtual nodes. Most DETER tools that run on physical experiments can be used directly on containerized experiments. Experimenters find working in a containerized experiment very similar to working in physical DETER experiments.

We sketch the model and facility below.

Model of Operation

An experimenter comes to DETER with an experimental topology of computers and networks and an experiment to carry out on that topology, and the container system allocates resources in the configuration specified. The experimenter can directly access the computers in order to carry out the experiment. The computers themselves are either physical computers or virtual computers that emulate a computer at an acceptable level of fidelity. Multiple experiments may be in progress at once using DETER resources, and they are protected from interfering with one another.

Containers present researchers with more resources while preserving the DETER interfaces. The process of converting a topology description to an isolated collection of networked computers is basically the same as when an experimenter creates a physical topology on DETERLab. The difference is that a containerized experiment is configured to present more experimental resources than physical ones, preserving the DETER interface.

In more detail, the container system lays out the virtual computers into a physical layout of computers and uses the DETER resource allocation system to allocate that physical layout. Then the container system installs and configures the appropriate virtualization technologies in that environment to create the virtual environment.

Block diagram

The experiment topology is given in an extended version of DETER's ns2 syntax, or in topdl, a topology description language. Currently experimenters pick containers directly using those languages.

Kinds of Containers

A container is a virtualization technology, like a virtual machine implementation. We use the term container to mean any one of the various virtualization technologies from an openvz container to a physical machine to a simulation. The container system gives us a way to create interconnections of containers (in our sense) holding different experiment elements. A containerized topology might include a physical machine, a qemu virtual machine and an openvz container that can all communicate transparently.

The container system framework supports multiple kinds of containers, but at this point researchers can request these:

Container Type         Fidelity                                    Scalability
Physical Machine       Complete fidelity                           1 per physical machine
Qemu virtual Machine   Virtual hardware                            10's of containers per physical machine
Openvz container       Partitioned resources in one Linux kernel   100's of containers per physical machine
ViewOS process         Process with isolated network stack         1000's of containers per physical machine

Further Information
