| *** sameo has quit IRC | 02:38 | |
| *** tobberydberg_ has quit IRC | 03:04 | |
| *** irclogbot_3 has quit IRC | 03:05 | |
| *** irclogbot_0 has joined #kata-general | 03:06 | |
| *** tobberydberg has joined #kata-general | 03:10 | |
| *** sameo has joined #kata-general | 05:04 | |
| *** sgarzare has joined #kata-general | 07:12 | |
| *** bpradipt has joined #kata-general | 09:44 | |
| *** sgarzare has quit IRC | 10:18 | |
| *** sgarzare has joined #kata-general | 10:18 | |
| *** sgarzare has quit IRC | 10:27 | |
| *** sgarzare_ has joined #kata-general | 10:27 | |
| *** sgarzare_ has quit IRC | 10:27 | |
| *** sgarzare has joined #kata-general | 11:59 | |
| *** devimc has joined #kata-general | 12:05 | |
| *** sgarzare has quit IRC | 12:10 | |
| *** sgarzare has joined #kata-general | 12:16 | |
| *** devimc has quit IRC | 13:18 | |
| *** devimc has joined #kata-general | 13:18 | |
| *** sgarzare_ has joined #kata-general | 13:29 | |
| *** sgarzare has quit IRC | 13:32 | |
| kata-irc-bot1 | <clement> Hi everyone. I'm new to the microVM (and VMs in general) ecosystem, and I'd like some insight on whether firecracker+kata containers would fit my problem | 13:55 |
|---|---|---|
| kata-irc-bot1 | <clement> Basically, I want to setup some machines to let people execute benchmarks (kind of CI-like Saas), and would like to have isolation for security, but I also need some baremetal-like performance | 13:56 |
| kata-irc-bot1 | <clement> wrt to performance I would need to be able to: • Somehow set a given kernel scheduler to performance for the duration of the benchmarks, that means either for the duration of the container or on demand from inside the container • Allow access to some CPU performance counters So basically, have a stable environment for reproducible benchmarks | 13:59 |
| kata-irc-bot1 | <clement> do you think Kata containers would allow this ? | 13:59 |
| devimc | @clement that sounds feasible, just one question: why firecracker and not QEMU? last time I ran a PnP comparison QEMU showed better numbers.. | 14:07 |
| kata-irc-bot1 | <clement> tbh, I just mentioned it because from a quick look at the description it seemed to be more suited but maybe not ? | 14:10 |
| devimc | @clement https://github.com/kata-containers/runtime/issues/2642 | 14:11 |
| *** sgarzare_ has quit IRC | 14:12 | |
| *** sgarzare has joined #kata-general | 14:12 | |
| kata-irc-bot1 | <clement> I see, though I suppose it's only about startup time in this case, not the overhead ? | 14:15 |
| *** sgarzare has quit IRC | 14:15 | |
| *** sgarzare has joined #kata-general | 14:15 | |
| kata-irc-bot1 | <eric.ernst> My initial thought: I think running in a VM in general will make consistsency tough for perf? | 14:15 |
| kata-irc-bot1 | <eric.ernst> compared to baremetal. | 14:16 |
| kata-irc-bot1 | <samuel.ortiz> @clement bare-metal like performance for CPU? Not for IO? | 14:16 |
| kata-irc-bot1 | <clement> well yeah, that's what I thought at first but then I heard about light VMs so I was wondering if it'd be better than usual VMs | 14:16 |
| kata-irc-bot1 | <clement> yeah mainly for CPU | 14:16 |
| kata-irc-bot1 | <eric.ernst> You're still running 2 schedulers really (host, guest) | 14:16 |
| kata-irc-bot1 | <clement> yeah... the issue is that I'm a bit afraid to give execution rights to clients directly in baremetal | 14:17 |
| kata-irc-bot1 | <samuel.ortiz> @clement light VMs are still regular VMs. If you | 14:18 |
| kata-irc-bot1 | <clement> but maybe a docker+jailer would be enough ? I'm really knew to all this stuff :S | 14:18 |
| kata-irc-bot1 | <clement> anyway thanks for the answers, if I find some time I'll give Kata containers a try | 14:31 |
| kata-irc-bot1 | <clement> I'm just no always confident about running such things on my development machine :P | 14:31 |
| kata-irc-bot1 | <eric.ernst> It's pretty easy to get started if you want to just try it out and see; I think depending on the benchmark, you'll see performance differnces compared to baremetal, since most IO will end up going through a virtio stack before it hits the host kernel (ie, you need to copy that IO in/out of the guest VM still, which is overhead). | 14:34 |
| *** sgarzare has quit IRC | 14:37 | |
| *** sgarzare has joined #kata-general | 14:38 | |
| kata-irc-bot1 | <clement> well I did find the installation tutorial (getting started) but it doesn't seem to mention anything about hypervisors. Since I'm new to all this I think I'll have to find more time to install and configure one | 14:41 |
| kata-irc-bot1 | <clement> ok so I just realized that Kata Containers actually wraps the hypervisor. I thought that I had to install Qemu/firecracker and the give it an image or something | 15:56 |
| kata-irc-bot1 | <eric.ernst> Nah, we handle all that behind the scenes so you can "just" run your container workload. | 16:03 |
| kata-irc-bot1 | <clement> Yeah, I guess I'm just a bit lost since I'm new to the ecosystem | 16:06 |
| kata-irc-bot1 | <clement> like, I know some keywords and what they are used for but beyond that... | 16:06 |
| *** sgarzare has quit IRC | 16:11 | |
| kata-irc-bot1 | <clement> so if I understand what `Docker for Kata Containers` is, it replaces the usual docker containers by actualy VMs controlled by Kata Containers ? I also saw mentions about device-mapper being removed and block-based backends not being available. Do you have any link that explains what are block-based backends (and why I would want to or not to use them) ? | 16:13 |
| *** Rene__ has quit IRC | 16:16 | |
| kata-irc-bot1 | <clement> this already scares me... > make[2]: warning: Clock skew detected. Your build may be incomplete > make[6]: Warning: File 'benchmark/CMakeFiles/parse.dir/depend.make' has modification time 0.0061 s in the future | 16:40 |
| kata-irc-bot1 | <eric.ernst> Yeah, the guest kernel needs a config option for synchronizing host/guest clock --i've seen this as well :slightly_smiling_face: | 17:01 |
| kata-irc-bot1 | <eric.ernst> There' a PR already in place for this: https://github.com/kata-containers/packaging/pull/1104 | 17:02 |
| kata-irc-bot1 | <clement> oh, it's cool if it's known :slightly_smiling_face: | 17:09 |
| kata-irc-bot1 | <clement> so... I didn't expect this | 17:10 |
| kata-irc-bot1 | <clement> but it makes sense | 17:10 |
| kata-irc-bot1 | <clement> my benchmarks are actually more stable inside of a Kata container than without | 17:11 |
| kata-irc-bot1 | <clement> a bit slower, but more stable | 17:11 |
| kata-irc-bot1 | <clement> (or maybe I'm really just seeing noise) | 17:11 |
| *** pvdp66556 has quit IRC | 18:18 | |
| *** bpradipt has quit IRC | 18:31 | |
| *** devimc has quit IRC | 21:02 | |
| *** sameo has quit IRC | 21:06 | |
Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!