Upload
dbi-services
View
872
Download
4
Embed Size (px)
DESCRIPTION
Découvrez comment virtualiser vos serveurs avec Linux Containers (LXC), afin de dupliquer à volonté des environnements Linux avec un impact minimum sur les performances. Vous apprendrez comment isoler ces différents environnements virtuels tout en limitant les ressources qui leurs sont allouées. Nous vous montrerons également les avantages et inconvénients de cette solution par rapport aux autres possibilités de virtualisation.
Citation preview
© dbi services
dbi services
Linux Containers
1 26.04.2012 www.dbi-services.com
David Hueber
Senior Consultant
Head of Service Management
Grégory Steulet
Senior Consultant
Region Manager
© dbi services
Agenda
i. Introduction to virtualization
ii. Containers presentation
iii. Resources management – Cgroups
iv. System Container Demo
v. Core messages
26.04.2012 2 www.dbi-services.com
Linux Containers
Agenda
© dbi services
Why using virtualization with Oracle products ?
Resource usage optimization
Hardware cost reduction
Maintenance cost reduction
Facility cost reduction
Flexibility improvement
Availability facility
Flexibility of allocated resources – vertical scalability
Easy deployment and migration
Oracle License cost reduction – Hard partitioning only
http://www.oracle.com/us/corporate/pricing/partitioning-070609.pdf
Introduction to virtualization
www.dbi-services.com 3 26.04.2012
Linux Containers
© dbi services
partioning-070609.pdf
Introduction to virtualization
www.dbi-services.com 4 26.04.2012
Linux Containers
“Hard partitioning physically segments a server, by taking a single large server and
separating it into distinct smaller systems.
…
Oracle has deemed certain technologies, possibly modified by configuration
constraints, as hard partitioning, and no other technology or configuration qualify.
Approved hard partitioning technologies include:
…
Solaris 10 Containers (capped Containers only),
LPAR (adds DLPAR with AIX 5.2),
Integrity Virtual Machine (capped partitions only), Secure Resource Partitions (capped
partitions only), …
Oracle VM Server for x86 may be used as hard partitioning technology only as
described in the following document:
http://www.oracle.com/technology/tech/virtualization/pdf/ovm-hardpart.pdf.
…”
© dbi services
Oracle certified virtualization solutions
Complete list of certified virtual environments
http://www.oracle.com/technetwork/database/virtualizationmatrix-172995.html
Actually not certified
VMware products – note ID 249212.1
KVM and XEN solutions by Red Hat, Novell or XenSource - note ID 417770.1
LXC (Linux containers)
Introduction to virtualization
www.dbi-services.com 5 26.04.2012
Linux Containers
Platform Virtualization Technology OS Oracle DB version
Linux x86 Oracle VM
Oracle VM2 11gR1/11gR2
Oracle VM3 11gR2
Oracle VM Live Migration Oracle VM2 11gR1/11gR2
© dbi services
Virtualisation – Hypervisor type 1
Hypervisor act as an interface between Hardware and “Invited” OS
Examples: Oracle VM – VMware ESX(i) – Microsoft Hyper-V
Introduction to containers
www.dbi-services.com 6 26.04.2012
Linux Containers
Hardware
Hypervisor
Drivers Drivers Drivers
Privileged OS Invited OS Invited OS
Management Software
Application 1 Application N
© dbi services
Virtualisation – Hypervisor type 2
Software running virtual machines and emulating the hardware
Examples: Oracle VirtualBox – VMware Player – Microsoft VirtualPC
Introduction to containers
www.dbi-services.com 7 26.04.2012
Linux Containers
Hardware
Host OS
Management Software
Drivers
Invited OS
Application 1
Drivers
Invited OS
Application N
Emulator
© dbi services
Virtualisation – Operating System Level
Virtual environments isolating applications / processes
Examples: Linux Container – chroot - OpenVZ
Introduction to containers
www.dbi-services.com 8 26.04.2012
Linux Containers
Hardware
Host OS
Management Software
Isolator
Application 1
Isolator
Application N
© dbi services
Agenda
i. Introduction to virtualization
ii. Containers presentation
iii. Resource management – Cgroups
iv. System Container Demo
v. Core messages
26.04.2012 9 www.dbi-services.com
Linux Containers
Agenda
© dbi services
Containers presentation
www.dbi-services.com 10 26.04.2012
Linux Containers
Support.oracle.com - Bug 12696082: LINUX CONTAINERS (LXC)
Comment submitted by Lenz Grimmer (Senior Oracle Manager, Oracle Linux at Oracle) Linux Containers (lxc) - this is not fully supported as of today, but will play an important role going forward. Verify if Linux Containers is supported in the Linux release you update training for and include appropriately. Alternatively include reference to OIG. *** 04/04/12 08:21 am ***
© dbi services
Virtualisation – Operating System Level
Virtual environments isolating applications / processes
Containers presentation
www.dbi-services.com 11 26.04.2012
Linux Containers
Hardware
Host OS
Management Software(s)
Application 1 Application N
Invited OS Invited OS
KERNEL
© dbi services
What is it ?
Operating system-level virtualization method
Running multiple isolated environment (containers)
Each has its own processes and network space
Linux Containers relies on:
Namespace-isolation functionality
Resource management implemented via cgroups functionality
Namespace-isolation is a kernel feature to limit and isolate resources usage such as CPU, memory, disk I/O of a process group
cgroups (control groups) is a kernel feature to allocate resources usage such as CPU, memory, disk I/O to a process group
Containers presentation
www.dbi-services.com 12 26.04.2012
Linux Containers
© dbi services
Two kinds of containers:
1. Application containers
2. System containers
Application Containers – application that only create separate namespaces
Containers presentation
www.dbi-services.com 13 26.04.2012
Linux Containers
Usage: lxc-execute --name=NAME --COMMAND
lxc-execute creates a container with the identifier NAME and execs COMMAND into
this container.
Options :
-n, --name=NAME NAME for name of the container
-f, --rcfile=FILE Load configuration file FILE
-s, --define KEY=VAL Assign VAL to configuration variable KEY
lxc-execute –n ContTerm -f lxc-myconf.conf /bin/bash
© dbi services
Application Containers
Containers presentation
www.dbi-services.com 14 26.04.2012
Linux Containers
[root@vmlxctest1 ~]# ps -ef |grep lxc
avahi 1674 1 0 18:37 ? 00:00:00 avahi-daemon: running
[vmlxctest1.local]
root 14512 14418 0 19:45 pts/0 00:00:00 lxc-execute -n test xclock
root 14513 14512 0 19:45 pts/0 00:00:00 /usr/lib64/lxc/lxc-init -- /bin/bash
root 14514 14513 0 19:45 pts/0 00:00:00 xclock
---
[root@ContTerm~]# ps -ef
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 19:45 pts/0 00:00:00 /usr/lib64/lxc/lxc-init -- /bin/bash
root 2 1 0 19:45 pts/0 00:00:00 xclock
root 15 2 0 19:45 pts/0 00:00:00 ps -ef
Single Host Controller
+ lxc-execute
+ lxc-init + lxc-init
+ <Application>
Application Container
+ <App.>
© dbi services
Application Container
Environment
Oracle Enterprise Linux 6.2 x64
Kernel 2.6-39
Demo 1
Bash terminal in an Application Container
Networking
Start an Oracle database
Demo 2
Oracle in a background Application Container
Freeze and Unfreeze the container
Containers presentation
www.dbi-services.com 15 26.04.2012
Linux Containers
© dbi services
System Containers
Have their own Linux Operating System, as Virtual Machines
Consume less resources
have decreased isolation against control host (same Linux kernel)
Containers presentation
www.dbi-services.com 16 26.04.2012
Linux Containers
Usage: lxc-start --name=NAME --COMMAND
lxc-start start COMMAND in specified container NAME
Options :
-n, --name=NAME NAME for name of the container
-d, --daemon daemonize the container
-f, --rcfile=FILE Load configuration file FILE
-c, --console=FILE Set the file output for the container console
-s, --define KEY=VAL Assign VAL to configuration variable KEY
If no command is specified, lxc-start will use the default "/sbin/init"
command to run a system container.
[root@oel62 ~]#lxc-start –n ol5test1
© dbi services
Operations on a container
Signalling
Pausing
Freeze
Unfreeze
Stopping
Destroying
Containers presentation
www.dbi-services.com 17 26.04.2012
Linux Containers
[root@oel62 ~]#lxc-kill -n ol5test1 9
[root@oel62 ~]#lxc-freeze -n ol5test1
[root@oel62 ~]#lxc-unfreeze -n ol5test1
[root@oel62 ~]#lxc-stop -n ol5test1
[root@oel62 ~]#lxc-destroy -n ol5test1
© dbi services
Agenda
i. Introduction to virtualization
ii. Containers presentation
iii. Resource management – Cgroups
iv. System Container Demo
v. Core messages
26.04.2012 18 www.dbi-services.com
Linux Containers
Agenda
© dbi services
Cgroup Model
blkio — this subsystem sets limits on input/output access to and from block devices such as physical drives (disk, solid state, USB, etc.)
cpu — this subsystem uses the scheduler to provide cgroup tasks access to the CPU
cpuacct — this subsystem generates automatic reports on CPU resources used by tasks in a cgroup
cpuset — this subsystem assigns individual CPUs (on a multicore system) and memory nodes to tasks in a cgroup.
Resource management - Cgroups
www.dbi-services.com 19 26.04.2012
Linux Containers
© dbi services
Cgroup Model
devices — this subsystem allows or denies access to devices by tasks in a cgroup
freezer — this subsystem suspends or resumes tasks in a cgroup
memory — this subsystem sets limits on memory use by tasks in a cgroup, and generates automatic reports on memory resources used by those tasks
net_cls — this subsystem tags network packets with a class identifier (classid) that allows the Linux traffic controller (tc) to identify packets originating from a particular cgroup task
ns — the namespace subsystem
Resource management - Cgroups
www.dbi-services.com 20 26.04.2012
Linux Containers
© dbi services
[root@oel62 ~]# mkdir /cgroup/blkio/lab1
[root@oel62 ~]# mkdir /cgroup/blkio/lab2
Resource management - Cgroups
www.dbi-services.com 21 26.04.2012
Linux Containers
Creation of two cgroups for the blkio subsystem
Finding major and minor number for /u01 - /dev/sde1
[root@oel62 ~]# df -h | grep /u01
/dev/sde 9.9G 2.0G 7.5G 21% /u01
[root@oel62 ~]# ls -l /dev/sde
brw-rw----. 1 root disk 8, 64 Apr 7 12:04 /dev/sde
Setting various blkio upper limit for read operations per second to 100Mb/s and 50Mb/s
[root@oel62 ~]# echo "8:64 104857600" >
/cgroup/blkio/lab1/blkio.throttle.read_bps_device
[root@oel62 ~]# echo "8:64 52428800" >
/cgroup/blkio/lab2/blkio.throttle.read_bps_device
Cgroup demonstration with blkio
© dbi services
[root@oel62 ~]# dd if=/dev/zero of=/u01/file_1 bs=1M count=3000
[root@oel62 ~]# dd if=/dev/zero of=/u01/file_2 bs=1M count=3000
Resource management - Cgroups
www.dbi-services.com 22 26.04.2012
Linux Containers
Creation of two 3Gb file (file_1 and file_2)
Reading first file with cgroup lab1 and executing iotop
[root@oel62 ~]# cgexec -g blkio:lab1 time dd if=/u01/file_1 of=/dev/null
[root@oel62 ~]# iotop -o
Total DISK READ: 98.93 M/s | Total DISK WRITE: 0.00 B/s
TID PRIO USER DISK READ DISK WRITE SWAPIN IO> COMMAND
1567 be/4 root 98.93 M/s 0.00 B/s 0.00 % 61.95% dd if=/u01/file_1 of..
Reading first file with cgroup lab2 and executing iotop
[root@oel62 ~]# cgexec -g blkio:lab2 time dd if=/u01/file_2 of=/dev/null
[root@oel62 ~]# iotop -o
Total DISK READ: 48.09 M/s | Total DISK WRITE: 0.00 B/s
TID PRIO USER DISK READ DISK WRITE SWAPIN IO> COMMAND
1565 be/4 root 51.57 M/s 0.00 B/s 0.00 % 74.19% dd if=/u01/file_2 of..
© dbi services
Agenda
i. Introduction to virtualization
ii. Containers presentation
iii. Resource management - Cgroups
iv. System Container Demo
v. Core messages
26.04.2012 23 www.dbi-services.com
Linux Containers
Agenda
© dbi services
System Container
Environment
Oracle Enterprise Linux 6.2 x64
Kernel 2.6-39
Demo 1
Start a system container
See configuration file
See processes and file system
Demo 2
See template principle
Deploy a system container from a template
Containers presentation
www.dbi-services.com 24 26.04.2012
Linux Containers
© dbi services
Agenda
i. Introduction to virtualization
ii. Containers presentation
iii. Resource management - Cgroups
iv. System Container Demo
v. Core messages
26.04.2012 25 www.dbi-services.com
dbi services current situation
Agenda
© dbi services
Part of the Linux Kernel
Available on almost all distribution
Future technology for Oracle products
Presented as key feature in the Oracle Linux roadmap (OOW11)
Performance efficiency
Resources usage
Fine grained resources allocation
Easy implementation and maintenance
Mainly for Application Containers
Core messages
www.dbi-services.com 26 26.04.2012
Linux Containers
© dbi services
Limited isolation against Host
Limitation on kernel version
Limited documentation
Good introduction blog on blogs.oracle.com
OS virtualization – Limited to Linux Guests
Not a mature technology, virtualization technology not certified for Oracle products
Core messages
www.dbi-services.com 27 26.04.2012
Linux Containers
© dbi services
dbi services
Any Questions ? Please Do Ask !
28 26.04.2012 www.dbi-services.com
David Hueber
Senior Consultant
Head of Service Management
Grégory Steulet
Senior Consultant
Region Manager
„Enjoy Containers !“