Professional Documents
Culture Documents
net/publication/318816158
CITATIONS READS
29 7,077
3 authors:
Mohammad Ahmadi
Asia Pacific University of Technology and Innovation
20 PUBLICATIONS 98 CITATIONS
SEE PROFILE
Some of the authors of this publication are also working on these related projects:
All content following this page was uploaded by Babak Bashari Rad on 09 August 2018.
5.1 Speed
Speed is one of the most exceedingly touted advantages of
Fig. 3 Docker Container architecture [11].
Containers. When the benefits of using docker are
highlighted, it would be incredible not to mention about the
According to Waldspurger (2002), in the Linux containers, speed of docker in the conversation (Chavis & Architect,
an architecture is to manage CPU and distribute its 2015). The time required to build a container is very fast
resources more proficiently. In any example of Hyper-V or because they are really small. Development, testing, and
VMWare, because of overhead incurred, it is not easy to run deployment can be done faster as containers are small.
more than ten virtual machines [13]. Up to a great extent, Containers can be pushed for testing once they have been
this issue has been solved by the containers. Containers only built and then from there, on to the production environment
utilize those resources, which are needed for the services or [12].
applications. Therefore, on a weak configured machine,
above 50 requests of the containers can be executed.
5.2 Portability
For example, suppose an organisation provides email Those applications that are built inside docker containers
security services. The major functions of these services are are extremely portable. These portable applications can
to check emails for viruses, spam, and malware. Moreover, easily be moved as a single element and the performance
it could manage to transfer messages to the agent, logs and remains the same [12].
report delivery failure if the product is installed in the cloud
[10]. Mostly in these cases, there is no use of any associated 5.3 Scalability
dependencies or OS level libraries or any kernel data
structure. Therefore, it is worthwhile to containerized every Docker has the ability that it can be deployed in several
component by sandboxing them utilizing OpenVZ or physical servers, data servers, and cloud platforms. It can
Docker instead of having virtual machines. also be run on every Linux machine. Containers can easily
In many enterprises, virtual machines are used to perform be moved from a cloud environment to local host and from
element testing. In this process, a lot of CPU resources and there back to cloud again at a fast pace. Adjustments can
memory space are consumed. Whereas, container easily be done; the scale can simply be adjusted by the user
technology provides a guarantee to their users that excess of according to the need [5].
a workload would not affect the efficiency of the resources.
The container takes less time for installation as compared to 5.4 Rapid Delivery
virtual machines, so the adaptability of containers is much
higher than VMs. The format of a Docker Containers is standardized so
Furthermore, both Docker and OpenVZ have been under programmers do not have to stress over one another’s tasks.
great examination in terms of their security aspects. When The responsibility of the administrator is to deploy and
isolation is reduced, it directly affects the security, which maintain the server with containers, whereas the
also decreases rapidly. Root users of Linux can easily get responsibility of the programmer is to look after the
access to containers as containers also use the same kernel applications inside the docker container. Containers can
and operating system. The isolation of docker is not as work in every environment as they have all the required
strong as a virtual machine, even though docker isolates the dependencies embedded within the applications and they
application, which is running in the docker container from are all tested [12]. Docker provides a reliable, consistent,
its primary host. Additionally, it is possible that some of the and improved environment, so predictable results can be
applications would not be able to run in a containerized
IJCSNS International Journal of Computer Science and Network Security, VOL.17 No.3, March 2017 231
achieved when codes are moved between development, test dependent on the other tasks, and it is executed on the same
and production systems (Chavis & Architect, 2015). machine. However, LXC is much better in the sense of
getting most of the hardware resources or for the execution
5.5 Density of smaller isolated processes. In private and dot clouds,
LXC is a better option.
Docker uses the resources that are available more efficiently Felter et al. (2014) evaluate the performance of three
because it does not use a hypervisor. This is the reason that different environments, Native, Docker, and KVM [3]. He
more containers can be run on a single host as compared to clarifies that containers and VMs are both mature
virtual machines. The performance of a Docker Containers innovation that has profited from last 10 years of
is higher because of higher density and no overhead wastage incremental equipment and programming enhancements.
of resources [5]. According to this research, docker is equivalent to or
surpasses KVM execution for each situation they tried.
Their outcomes demonstrate that both KVM and docker
6. Disadvantages of Docker Container present irrelevant overhead for CPU and memory execution.
It has also been shown that the overall performance of
There are some drawbacks of docker containers, which are docker is better than the Local Host, as the applications
listed below [1, 4]: were executed and responded faster than in Local Host.
Moreover, fewer hardware resources were used in docker
Complete virtualization is not provided by a docker container to perform the tasks.
because it depends on the Linux kernel, which is Docker is really a future demanding technology. As users
provided by the local host. and developers would know more about the docker and its
Currently, docker does not run on older machines. It capabilities then they would consider replacing traditional
only supports 64-bit local machines. virtualization with docker technology. Docker provides
The complete virtualized environment must be many simple and useful features. To get the best
provided by the docker container for Windows and performance and results, it is highly recommended to move
Mac machines. Even though the boot2docker tool fills up from the default configuration. Containers provide
this gap, but still, it should be checked whether it makes advanced density, better performance, scalability, and
obstructions to acceptance by users of these systems or usability as compared with traditional virtualization
the integration and performance with the host because containers smartly utilize its resources, which
machine’s operating system are adequate [4]. reduce the chance of unnecessary overhead. Containers are
It is necessary that the possibility of security issues better in performance than virtual machine, because
should be evaluated. Building off trusting binaries containers take less start-up time. Docker has removed the
could be made easier by digitally signing docker biggest issue of “dependency”. Now containers have all of
images, for future support. their required dependencies, which help containers to be
An important concern is to check if the teaching properly built, and to execute them in any docker
community or scientific researcher will significantly environment. An additional layer of isolation is provided by
think of adopting docker. the container, which increases the containers’ security.
Docker is not as insecure as people normally think, but it
provides a complete protection.
7. Docker Performance
Seo et al. (2014) used two servers with the same
8. Docker vs. other Container Technology
configuration in the cloud environment. One server was
used for docker and the other one was for an Open Stack In this section, the performance of application virtualization
platform for KVM by means of a virtualization tool [8]. and the performance of the docker container will be
According to him, a VM works independently. This factor discussed, and the evaluation of other containerize
make it easy to apply and manage the policy of network, technology will be compared and reviewed. Seo et al.
security, user, and the system. However, docker does not (2014) summarize that there is no guest OS of docker in the
contain a guest operating system. Therefore, it takes very cloud, so the storage and the wastage of CPU resources are
little time in distributing and gathering images. The boot less [8]. The images are not disturbed; boot time is faster
time is also very short. These are the main advantages of and the time of generating the images is short. These are the
utilizing Docker Cloud as compared with VM Cloud. benefits of docker cloud in comparison with VM Cloud.
Scheepers (2014) compares LXC and Xen virtualization They used two similar servers with the same configuration
technologies to benchmark some applications [7]. He in the cloud environment. One server was used for docker
explains that Xen would be a better choice in the sense of and the other one was for an Open Stack platform for KVM
equally distributing resources, performance is not
232 IJCSNS International Journal of Computer Science and Network Security, VOL.17 No.3, March 2017
by means of a virtualization tool. Ubuntu Server was used Scheepers (2014) compares LXC and Xen virtualization
as a base platform [8]. technologies to benchmark some applications [7]. For this
To calculate the approximate boot-time, 20 images were purpose, Scheepers uses two servers Core OS 324.3.0 and
generated on each server and boot time was checked. Figure XenServer 6.2 with docker version 0.11.1. The
4 shows that the boot time of docker is lesser than the boot configuration of these systems is RAM 4GB, CPU Intel
time of KVM. Docker uses the Host OS, whereas KVM Xeon Quad core and the virtualization support is Intel VT-
uses Guest OS. Thus, the boot time of docker is shorter than X. The base operating system is Ubuntu 12.04 and
the boot time of KVM. containers will run on both machines. 2GB of memory is
allotted to the first virtual machine and Apache 2.2,
WordPress 3.9 and PHP 5.3. This was used as an application
Server. 1GB of memory is used by the second virtual
machine with MYSQL Database 5.5. This database was
filled by the WordPress sample contents. This machine was
used as a database Server. JMeter was used as a
benchmarked tool.
Figure 6 shows that LXC experienced less overhead as
compared to Xen when the SELECT query was run. The
focus on running this benchmark process is to see the
utilization of the CPU and the performance of the Network
speed because these are the main resources consumed in this
test.
Fig. 4 Docker vs KVM Average boot time [8].
Table 1: Comparison Table based on Different Virtual Machines and Containerized Technology
Seo et al. (2014) [8] Scheepers (2014) [7] Felter et al. (2014) [3]
XenServer
Docker KVM CoreOS (LXC) Native Docker KVM
(Xen)
More overhead Less overhead Overhead Slightly less Slightly less than
Boot Time short Boot time long (wastage of (wastage of (wastage of overhead than Native and
resources) resources) resources) Native Docker
Less time to Longer time to
Calculation Calculation Slow Execution Slow Execution
accomplish accomplish Fast Execution
Speed is faster Speed is Slower equal to Docker equal to Native
request request
Better in sense Better in sense
Works of equally of executing Mature Mature
No Guest OS -
Independently distributing isolated Innovation Innovation
resources processes