Abstract
In recent years, container technology has caught the attention of the communities by its performance and compactness. Although the design of modern container tools (e.g., Docker and podman) serves as a single-purpose application provider, existing deployed containers still contain extra tools that are unnecessary for a single-purpose process. The existence of unnecessary files and tools is directly proportional to higher security risk. Besides, extraneous files often make the container heavier and slow down its performance. This paper introduces a novel Lightweight Virtualization packaging model for creating profiles for a single-purpose application from an existing multi-purpose container environment, called AppPACK. Specifically, the model can generate a package containing minified versions of images, kernel, and virtual machine profiles from a target application. The experiment results show that AppPACK can provide an image of 1.1 to 37 times smaller in size compared to the original version. The experiment on execution shows that using AppPACK profiles could fasten the booting process from 1.1 to 6 times compared to the non-AppPACK version. The comparison between AppPACK and previous approaches shows that proposed model can provide more compatible and smaller versions in most cases.
Highlights
The Hypervisor-based virtualization has been a traditional solution for solving the isolation problems in an operating system with the cost of performance reduction [1]
The last experiment shows a performance comparison when deploying images generated by the original (Fat system) and AppPACK (Slim system) into the virtual machine (QEMU-based)
This paper proposed a model to convert the fat system into a slim-system called AppPACK
Summary
The Hypervisor-based virtualization has been a traditional solution for solving the isolation problems in an operating system with the cost of performance reduction [1]. For single-purpose tasks, hypervisor-based virtualization is not an optimization option despite its security. Container-based hosts have less isolation from the guests and are more vulnerable to kernel exploits than hypervisor-based virtualization. Recent research for lightweight hypervisor solutions such as Lightweight KVM, QEMU-lite, ACRN, and Clear Container (Intel) provides rapid boot-up and optimized memory functions, improving speed for hypervisor-based virtualization. The evolution of virtualization, from the virtual machine to lightweight virtualization, focuses on improving security in the process (in both hypervisor-based and OS-level) and optimizing the environment. This paper introduces appPACK, which is a fullautomation model for generating a package for deploying the single-purpose application on a virtualization environment. The proposed model offers a minification solution for images and virtual machine profiles, and kernel modules.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
