Library
Repository Home account_circle Login

A Fresh Look at the Architecture and Performance of Contemporary Isolation Platforms

Conference Paper (2021)
Author(s)

V.J. van Rijn (Student TU Delft)

Jan S. Rellermeyer (TU Delft - Electrical Engineering, Mathematics and Computer Science)

Research Group
Data-Intensive Systems
DOI related publication
https://doi.org/10.1145/3464298.3493404 Final published version
More Info
expand_more
Publication Year
2021
Language
English
Research Group
Data-Intensive Systems
ISBN (electronic)
978-1-4503-8534-3
Event
22nd ACM/IFIP International Middleware Conference (2021-12-06 - 2021-12-10), Virtual Event, Quebeq City, Canada
Downloads counter
231
Collections
Institutional Repository
Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Abstract

With the ever-increasing pervasiveness of the cloud computing paradigm, strong isolation guarantees and low performance overhead from isolation platforms are paramount. An ideal isolation platform offers both: an impermeable isolation boundary while imposing a negligible performance overhead. In this paper, we examine various isolation platforms (containers, secure containers, hypervisors, unikernels), and conduct a wide array of experiments to measure the performance overhead and degree of isolation offered by the platforms. We find that container platforms have the best, near-native, performance while the newly emerging secure containers suffer from various overheads. The highest degree of isolation is achieved by unikernels, closely followed by traditional containers.