72 lines
8.9 KiB
BibTeX
72 lines
8.9 KiB
BibTeX
Automatically generated by Mendeley Desktop 1.16.3
|
|
Any changes to this file will be lost if it is regenerated by Mendeley.
|
|
|
|
BibTeX export options can be customized via Options -> BibTeX in Mendeley Desktop
|
|
|
|
@article{Felter2014,
|
|
abstract = {IBM Research Report Isolation and resource control for cloud applications has traditionally been achieve through the use of virtual machines. Deploying applications in a VM results in reduced performance due to the extra levels of abstraction. In a cloud environment, this results in loss efficiency for the infrastructure. Newer advances in container-based virtualization simplifies the deployment of applications while isolating them from one another. In this paper, we explore the performance of traditional virtual machine deployments, and contrast them with the use of Linux containers. We use a suite of workloads that stress the CPU, memory, storage and networking resources. Our results show that containers result in equal or better performance than VM in almost all cases. Both VMs and containers require tuning to support I/O-intensive applicaions. We also discuss the implications of our performance results for future cloud architecture.},
|
|
author = {Felter, Wes and Ferreira, Alexandre and Rajamony, Ram and Rubio, Juan},
|
|
doi = {10.1109/ISPASS.2015.7095802},
|
|
file = {:home/steveej/.local/share/data/Mendeley Ltd./Mendeley Desktop/Downloaded/Felter et al. - 2014 - An Updated Performance Comparison of Virtual Machines and Linux Containers(3).pdf:pdf},
|
|
isbn = {9781479919574},
|
|
journal = {Technology},
|
|
keywords = {cloud computing,performance,virtualization},
|
|
pages = {171--172},
|
|
title = {{An Updated Performance Comparison of Virtual Machines and Linux Containers}},
|
|
url = {http://domino.research.ibm.com/library/CyberDig.nsf/papers/0929052195DD819C85257D2300681E7B/{\$}File/rc25482.pdf},
|
|
volume = {25482},
|
|
year = {2014}
|
|
}
|
|
@book{Utrecht2006,
|
|
abstract = {Software deployment is the set of activities related to getting$\backslash$r$\backslash$nsoftware components to work on the machines of end users. It includes$\backslash$r$\backslash$nactivities such as installation, upgrading, uninstallation, and so on.$\backslash$r$\backslash$nMany tools have been developed to support deployment, but they all$\backslash$r$\backslash$nhave serious limitations with respect to correctness. For instance,$\backslash$r$\backslash$nthe installation of a component can lead to the failure of previously$\backslash$r$\backslash$ninstalled components; a component might require other components that$\backslash$r$\backslash$nare not present; and it is generally difficult to undo deployment$\backslash$r$\backslash$nactions. The fundamental causes of these problems are a lack of$\backslash$r$\backslash$nisolation between components, the difficulty in identifying the$\backslash$r$\backslash$ndependencies between components, and incompatibilities between$\backslash$r$\backslash$nversions and variants of components.$\backslash$r$\backslash$n $\backslash$r$\backslash$nThis thesis describes a better approach based on a purely functional$\backslash$r$\backslash$ndeployment model, implemented in a deployment system called Nix.$\backslash$r$\backslash$nComponents are stored in isolation from each other in a Nix store.$\backslash$r$\backslash$nEach component has a name that contains a cryptographic hash of all$\backslash$r$\backslash$ninputs that contributed to its build process, and the content of a$\backslash$r$\backslash$ncomponent never changes after it has been built. Hence the model is$\backslash$r$\backslash$npurely functional.$\backslash$r$\backslash$n $\backslash$r$\backslash$nThis storage scheme provides several important advantages. First, it$\backslash$r$\backslash$nensures isolation between components: if two components differ in any$\backslash$r$\backslash$nway, they will be stored in different locations and will not overwrite$\backslash$r$\backslash$neach other. Second, it allows us to identify component dependencies.$\backslash$r$\backslash$nUndeclared build time dependencies are prevented due to the absence of$\backslash$r$\backslash$n"global" component directories used in other deployment systems.$\backslash$r$\backslash$nRuntime dependencies can be found by scanning for cryptographic hashes$\backslash$r$\backslash$nin the binary contents of components, a technique analogous to$\backslash$r$\backslash$nconservative garbage collection in programming language$\backslash$r$\backslash$nimplementation. Since dependency information is complete, complete$\backslash$r$\backslash$ndeployment can be performed by copying closures of components under$\backslash$r$\backslash$nthe dependency relation.$\backslash$r$\backslash$n $\backslash$r$\backslash$nDevelopers and users are not confronted with components' cryptographic$\backslash$r$\backslash$nhashes directly. Components are built automatically from Nix$\backslash$r$\backslash$nexpressions, which describe how to build and compose arbitrary$\backslash$r$\backslash$nsoftware components; hashes are computed as part of this process.$\backslash$r$\backslash$nComponents are automatically made available to users through "user$\backslash$r$\backslash$nenvironments", which are synthesised sets of activated components.$\backslash$r$\backslash$nUser environments enable atomic upgrades and rollbacks, as well as$\backslash$r$\backslash$ndifferent sets of activated components for different users.$\backslash$r$\backslash$n $\backslash$r$\backslash$nNix expressions provide a source-based deployment model. However,$\backslash$r$\backslash$nsource-based deployment can be transparently optimised into binary$\backslash$r$\backslash$ndeployment by making pre-built binaries (keyed on their cryptographic$\backslash$r$\backslash$nhashes) available in a shared location such as a network server. This$\backslash$r$\backslash$nis referred to as transparent source/binary deployment.$\backslash$r$\backslash$n $\backslash$r$\backslash$nThe purely functional deployment model has been validated by applying$\backslash$r$\backslash$nit to the deployment of more than 278 existing Unix packages. In$\backslash$r$\backslash$naddition, this thesis shows that the model can be applied naturally to$\backslash$r$\backslash$nthe related activities of continuous integration using build farms,$\backslash$r$\backslash$nservice deployment and build management.},
|
|
author = {Utrecht, Universiteit and Magnificus, Rector},
|
|
booktitle = {Utrecht University},
|
|
doi = {10.1007/s12630-009-9179-6},
|
|
file = {:home/steveej/src/github/steveej/msc-thesis/papers/nix-phd-thesis.pdf:pdf},
|
|
isbn = {9039341303},
|
|
issn = {14968975},
|
|
number = {12},
|
|
pages = {0--281},
|
|
pmid = {19728000},
|
|
title = {{The Purely Functional Software Deployment Model}},
|
|
url = {http://www.st.ewi.tudelft.nl/{~}dolstra/pubs/phd-thesis.pdf},
|
|
volume = {56},
|
|
year = {2006}
|
|
}
|
|
@inproceedings{Reshetova2014,
|
|
abstract = {The need for flexible, low-overhead virtualization is evident on many fronts ranging from high-density cloud servers to mobile devices. During the past decade OS-level virtualization has emerged as a new, efficient approach for virtualization, with implementations in multiple different Unix-based systems. Despite its popularity, there has been no systematic study of OS-level virtualization from the point of view of security. In this report, we conduct a comparative study of several OS-level virtualization systems, discuss their security and identify some gaps in current solutions.},
|
|
archivePrefix = {arXiv},
|
|
arxivId = {1407.4245},
|
|
author = {Reshetova, Elena and Karhunen, Janne and Nyman, Thomas and Asokan, N},
|
|
booktitle = {Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)},
|
|
doi = {10.1007/978-3-319-11599-3_5},
|
|
eprint = {1407.4245},
|
|
file = {:home/steveej/.local/share/data/Mendeley Ltd./Mendeley Desktop/Downloaded/Reshetova et al. - 2014 - Security of OS-level virtualization technologies(5).pdf:pdf},
|
|
isbn = {9783319115986},
|
|
issn = {16113349},
|
|
pages = {77--93},
|
|
title = {{Security of OS-level virtualization technologies}},
|
|
volume = {8788},
|
|
year = {2014}
|
|
}
|
|
@book{Sarton1975,
|
|
author = {Sarton, George},
|
|
doi = {10.1007/978-3-319-33138-6},
|
|
file = {:home/steveej/src/github/steveej/msc-thesis/papers/A Computing History Primer.pdf:pdf},
|
|
isbn = {0882751727 (o.c.)},
|
|
pages = {145},
|
|
title = {{Introduction to the history of science.}},
|
|
year = {1975}
|
|
}
|
|
@article{Fink2014,
|
|
abstract = {Docker is a relatively new method of virtualization available natively for 64-bit Linux. Compared to more traditional virtualization techniques, Docker is lighter on system resources, offers a git-like system of commits and tags, and can be scaled from your laptop to the cloud.},
|
|
author = {Fink, John},
|
|
file = {:home/steveej/src/github/steveej/msc-thesis/papers/Docker - a Software as a Service, Operating System-Level Virtualization Framework.pdf:pdf},
|
|
journal = {Code4Lib},
|
|
number = {25},
|
|
pages = {3--5},
|
|
title = {{Docker: a Software as a Service, Operating System-Level Virtualization Framework}},
|
|
url = {http://journal.code4lib.org/articles/9669},
|
|
volume = {1},
|
|
year = {2014}
|
|
}
|