System management & Cloud
solution on z Update
“LinuxONE, Linux without Limits" Event
Montpellier, 2015 September 15-16th
Domenico ChillemiExecutive IT [email protected]
IBM Mainframe
50 years old on 2014
Strong
Batch
experience
Graduated in Mathematics at University of Messina (Italy)
Member of IBM Academy of Technology, zChampion and other
Who is Nico?
Agenda
• Positioning Linux on z as a strong solution platform for Cloud– Mainframe in the Cloud
– The main Cloud on z Solution
– IBM Infrastructure Suite on z (IISz) Positioning
– Overview of IISz
• Infrastructure Suite Components Quick Overview– IBM Wave for z/VM
– IBM OMEGAMON XE on z/VM and Linux
– IBM Operations Manager for z/VM
– IBM Tivoli Storage Manager Extended Edition
– IBM Backup and Restore Manager for z/VM
• Main solution remaining components quick overview– IBM Cloud Manager for OpenStack
– IBM Cloud Orchestrator
• Cloud and Workload Automation
• Lightweight cloud on z
4
• z Systems represents the largest enterprises in many of the world's most demanding industries
• z/OS is in large part the fundamental data source (DB2 parallel sysplex) where availability and security are key
• Linux on z Systems has been steadily growing (double digits) for 15 years – Z13 provides significant improvements to new workloads
• Cloud enablement for Linux on z starts with IaaS and evolving to PaaS
• Based on OpenStack and “patterns”
• Cloud enablement for z/OS is mostly PaaS and focused on services
• Built on workflows with REST APIs
• Leveraging existing assets on z/OS is fundamental to value
Mainframe and the Cloud
Exploiting Cloud on z Systems provides
significant business value day one and
increased value over time
Workload Optimized Cloud
Virtualization Optimization
Cloud Enabled Data Center
Enterprise Cloud Dev & Operations Teams
Infrastructure Teams
CIO / IT Executive
Workload Optimized Patterns
Image Management Usage Metering and Chargeback
Self Service Provisioning
Common Cloud platform built on an open standards reference model
Fit for Purpose Workloads
Disaster Recovery
Enterprise Security
Customers can move across roadmap as business requirements grow
DevOps
C Suite/LOB
4
3
1
2
Today
Tomorrow
6
• Start with z/VM as hypervisor
• Build the z/VM based Infrastructute as a Service (IaaS)
• Use z/VM 6.3
• Build the base through the IBM Infrastructure Suite
• Add OpenStack
• server, network, storage, security
• Use OpenStack services
• Build the cloud platform through IBM Cloud Manager for OpenStack
• Finalize Cloud applications through IBM Cloud Orchestrator
• Patterns for the workloads
• Leveraging Chef, embracing HEAT, evolving to docker
• Develop applications through UrbanCode Deploy with Patterns
• Leveraging Fit4Purpose model
• Consistent APIs across platforms
• Choose z when workload requirements demand higher SLAs
• Consider also z/KVM as Linux native hypervisor in future
Bring Linux on z into the Cloud
Cloud Automation
IBM Cloud Manager with OpenStack
IBM Wave Ops Mgr, Backup/Restore , TSM
IaaS - Infrastructure Management
Rich set of ready to use patterns
Open, scalable platform
Cloud Marketplace
Cloud Management
IBM Cloud Orchestrator
Pre-defined menu of Services
Pattern sharing/re-use, from engine
Monitor performance of z/VM and Linux guests
OMEGAMON XE
Simple, intuitive, graphical z/VM management tool
Operational managementBackup/recovery of z/VM & Linux
The main solution for cloud workloads on z Systems
Cost management
High Availability
Security
Application Performance Management
Workload Automation
Add on:
• Wrong believe that Infrastructure Suite for z/VM and Linux on z
(IISz) is itself Cloud on z
• Positioning IISz as the “Infrastructure Suite” comes from the
following thoughts:• Whether customers are looking at simple virtualization or a full cloud
solution with their z/VM environment, the basic z/VM and Linux
infrastructure must be in place and must be managed
• The IISz Suite is designed to manage the infrastructure level
• While WAVE has provisioning, it is to aid the system programmer in
provisioning guests, not to be a cloud based self-ordering provision
tool, like an ICM
• Cloud solutions can be easily added on to this infrastructure moving
toward a full cloud based environment.
• Whether virtualization only or full cloud implementation, the
infrastructure is the first level needing management
• In conclusion, IISz is designed to serve Cloud on z, so it can be
well positioned as IaaS (Infrastructure as a Service) for Cloud
implementations on z Systems
Positioning IBM Infrastructure Suite on z (IISz)
File Level backup and recovery for Linux
virtual machines
Simple, intuitive, graphical z/VM management
tool
Tivoli Storage Manager
IBM Wave
IBM Infrastructure Suite
Operations Manager for z/VM
OMEGAMON XE on z/VM and Linux
Performance monitoring of z/VM and Linux virtual machines
Facilitate operational monitoring and
automated operations, take action
based on events
Image and file level backup and
restore of z/VM environment
File level backup of z/VM data
Backup and Restore
Manager for z/VM
Linux on z Systems
z/VM
Add Tape Manager for z/VM for customers backing up from z/VM to tape
z/VM based Infrastructure as a Service (IaaS)
solution for Cloud on zSystems
When and why choose z/VM?
Infrastructure simplification via virtualization
• Consolidate distributed, discrete servers and their networks
• IBM Mainframe security, qualities of service
• Shared infrastructure with workload isolation
• Exploit built-in z/VM system management
Scale and elasticity
• Deploy servers, networks, and solutions fast
• React quickly to challenges and opportunities
• Allocate server capacity when needed
• Support mixed workloads at close to 100% platform utilization
Technology exploitation
• Linux with z/VM adds more function to Linux
• Linux exploits unique z/VM technology features
• High speed connectivity to z/OS applications and data
(CPU, Memory, Network, Adapters, Crypto, Devices)
z/OS z/OSz/VM z/VM
BusinessApps
DataServing
VirtualServers
VirtualServers
Shared Everything Infrastructure
z/OS® z/OSz/VM z/VM
BusinessApps
DataServing
VirtualServers
VirtualServers
Shared Everything Infrastructure(CPU, Memory, Network, Adapters, Crypto, Devices)
z System platform capabilities
can support cloud environments
and allow integrated cloud
environments across z System
and distributed
The goal is to start the process of differentiating the components as not being the same, but complementary. Too many times folks highlight the similarities, but the goal is to highlight the differences. Similarities do not need to be ignored, but should be a minor focus. The major focus is the main role of each component.
• Position the products main functions to help differentiate them.• Do not focus on overlap, focus on differences:
Product Main function
OMEGAMON Monitoring z/VM and Linux
TSM Backup and Restore Linux at the file level
WAVE z/VM System Programmers Administration tool
Operations Manager for z/VM z/VM Automation tool
Backup and Restore manager for z/VM
z/VM Backup at the file level and Linux at the volume level
IISz Products Basic Information
Provisioning & Administering z/VM Linux guests
Provision Linux guests/servers Across LPARs or machines Servers - memory and CPU Network – connect to Guest LANs or VSWITCHes Storage – based on admin-define device pools Customize first boot before TCPI/IP initialized Customize cloning via REXX scripts
Manage and administer Linux guests/servers via GUI View of all servers graphically Run shell scripts against a server or group of servers Activate or deactivate server or group of servers Login to server directly from GUI View and modify network connections
Real time monitoring High level view of system status via dashboard gauges View storage utilization
IBM Wave for z/VM
IBM Wave for z/VM (formerly CSL-WAVE) provides the graphical interface that simplifies and helps to automate the management of z/VM and Linux on System z virtual servers.
A simple, intuitive graphical tool providing management, provisioning, and automation for a z/VM environment, supporting Linux virtual servers.
Allows delegation of administrative
capabilities to the appropriate teams
Simplifies and Automates tasks
Provisions virtual resources (Guests,
Network, Storage)
Supports advanced z/VM capabilities
such as Single System Image and Live
Guest Relocation
Basic Monitoring and management of
virtual servers and resources from a
single graphical interface
z/VM & Linux Performance Monitoring and Automation
Monitor performance based on best practices Virtual CPU for each guest
z/VM processor utilization
Spin lock wait
Virtual disk utilization
Virtual storage utilization with V/R memory ratio
Formation and size of eligible list
Page and spool space utilization and I/O rates
DASD I/O and minidisk cache usage
Resource constraint analysis
Use historical data to Understand capacity
Size Linux guests for best performance in a hosted environment
Bringing z/VM and Linux monitoring into the Enterprise View
OMEGAMON XE on z/VM and Linux
• Increased Performance & Availability
• Provides insight into the health and performance of z/VM and Linux
Rich collections of attributes monitor thresholds for z/VM and Linux best practices.
Reflex automation provides timely resolution and/or notification.Lightweight visibility to the z/VM hypervisor, Linux OS, and Linux Log data in one tool.
Deep integration with Cloud and Smarter Infrastructure Suite integrating z/VM and Linux data to the Enterprise view (Cross platform workflow management).
Persistent Historical views allows management of real and virtual resources across peak periods and downtimes for clear view of resource usage and constraints.
17
Enterprise-ready cloud monitoring
z/VM Operational Monitoring and Automation
Generate alerts and/or automatically recover from
Abend, termination, or error messages
Service machine disks approaching full
Critical user IDs or guests being logged off or entering error state
Spool and/or page space approaching full
Schedule automated system maintenance procedures
Spool cleanup based on policies
Minidisk cleanup (from logs), including archiving
Orderly startup and shutdown
Relocation of critical guests to another SSI member
Backups of z/VM system
View & issue commands on consoles of Linux guests and CMS service machines
Operations staff monitoring multiple consoles or a central console of alerts
System programmers debugging a problem on a guest or service machine
Operations Manager for z/VM
19
Operations Manager
for z/VM
Increase productivity
Authorized users to view and interact with monitored virtual machines without logging onto them
Multiple users view/interact with a virtual machine simultaneously
Improve system availability
Monitor virtual machines and processes
Take automated actions based on console messages
Reduce problems due to operator error
Service Virtual
Machine being
monitored
Service Virtual
Machine being
monitored
Console monitoring
Console monitoring
Take action
• View & interact
with consoles
• View spool files
Automation Routine activities done more effectively with
minimal operations staff Schedule tasks to occur on a regular basis
Schedule tasks
Monitor page and spool usage
Respond to system events
(user state changes)
Integration Fulfill take action requests from performance monitoring
products (e.g. OMEGAMON XE on z/VM and Linux) Send alerts to email, central event management systems
(e.g. Netcool/OMNIbus), etc.
Idle monitor
IBM Wave for z/VM and Operations Manager for z/VM
• IBM Wave for z/VM provides management via an interactive GUI interface for:• Monitoring of virtual server resources• z/VM and Linux administrator tasks
• Delegating responsibilities to Linux administrators and/or clients to co-manage their environment
• Provisioning of Linux guests
• Basic performance information
• Operations Manager for z/VM provides operational monitoring & automation
• In the background• Monitoring of console messages for z/VM service machines and Linux guests
• Monitoring “state” information for z/VM service machines and Linux guests
• Monitoring spool and page space on the z/VM system
• Automated responses to these monitors when they are triggered
• Interactive when needed• View and interact with live service machine and Linux guest consoles
• View and manage spool files
• Complementary solutions• Use Operations Manager to monitor Wave service machines
• Use Operations Manager to automatically initiate tasks in IBM Wave via the IBM Wave CLI
IBM Wave and OMEGAMON XE on z/VM and Linux
• IBM Wave for z/VM provides point in time monitoring of virtual server resources
• OMEGAMON XE on z/VM and Linux provides
• Deeper level monitoring of z/VM
• Deeper level monitoring of individual Linux guest environments
• Ability to set service level thresholds and generate events when exceeded
• Historical view of monitoring data
• OMEGAMON XE on z/VM and Linux and IBM Wave can coexist in customer environments
• Both gather the data from the Performance Toolkit for z/VM
Operations Manager for z/VM and OMEGAMON XE
on z/VM and Linux
Linux Guest Linux GuestLinux Guest
Web browser
OMEGAMON XE (including
TMS)
z/VM
Agent Agent
Application Application
z System
Perf
Toolkit
Extensions
Operations
Manager
OMEGAMON XE on z/VM and Linux• Performance monitoring for z/VM and Linux guests
• Part of Tivoli Management Services (TMS) infrastructure
Operations Manager for z/VM• Monitor consoles of z/VM service machines and guest user IDs
• Take actions based on console messages
• Respond to “take action” requests from OMEGAMON
• Schedule routine tasks
Image level backup of Linux guests
Operating system
Applications
Application data (maybe)
Backup and Recovery of z/VM and Linux on z
File level backup of z/VM data
Directory information
Configuration files
Log files
Tools – REXX EXECs, automation scripts, etc.
File level backup of Linux guests
Configuration files
Log files
Tools
Image level backup of z/VM
Operating system
23
Backup and Restore Manager for z/VM
• Backup
• Requested by administrators
• Full or incremental
• Flexible selection of disks and files to
back up
• Review job before submitting for
backup
• Restore Restore data via full screen interface or
commands Performed by users for their own data
Extended to other users available via exit
Performed by administrators for any data
Integration with Tape Manager for z/VM
Optional compression of data during backup via exits Call your own compression algorithm
Use IBM provided routine
Encryption available via exits Call your own routine
Use vendor-written routine, such as V/Soft Software’s Encrypt/Backup for z/VM
Use encryption capable tape devices
24
Backup and recovery of z/VM resources including full Linux on z images
Performance: High-performance, scalable backups and restores that minimize network traffic .
Disaster recovery: Performs automated, scheduled asynchronous replication of backup data and metadata
Flexibility: Data protection and disaster recovery for more than 500 different disk, tape and virtual tape storage
Scalability and reliability Management of up to four billion data objects on single server architecture built on IBM DB2®
Cloud Backup/Recovery
Tivoli Storage Manager Extended Edition
Backup and recovery of Linux on z resources
z/VMBackup and Restore
Manager
Other
guest
FBA or ECKD
DASD
TSM
Server
TSM
Client CMS minidisk
and SFS files
dirA/file1.ext
dirB/file2.ext
dirC/file3.ext
FN FT FM
FN FT FM
FN FT FM
Linux
Combine the solutions for file
level and volume level recoveryTSM
Server
TSM
Client
Linux
Backup and Restore Manager and
Tivoli Storage Manager together
An open-source project which abstracts compute, networking and storage hardware into logical resources that can be addressed through Application Programming Interfaces (APIs)
Abstracts the complexity and provides standardized access to these resources regardless of the infrastructure platforms and technologies
Several vendors including IBM participating to this project Provides an open, modular IaaS approach for incorporating
additions in a consistent manner Allows standardization and portability with flexibility
What is OpenStack
OpenStack services
Keystone
User and Tenant definition, authentication, and roles
Nova
Allocation of virtual instances
Neutron
Networking assignment and connectivity
Glance
Image management
Cinder
Storage management
Horizon
Graphical user interface
Each has associated configuration file – key ones for z/VM
integration are nova, neutron, and Cinder
What is a Pattern?
• A combination of
– A base image containing a Linux operating system
– Additional “things” that produce a customized instance for a particular
purpose
• Virtual resource configuration (storage, network interfaces…)
• Software (agents, middleware, application…)
• A pattern can contain one or more images, each customized
in a different manner
• Topology may also be required
– One image in a pattern requiring information about another pattern
that is only available at runtime (e.g. hostname/IP address)
• e.g. HTTP server(s) Web Application Server(s) Database Server
Pattern terminology
• Script Package/Component
– A program in a language supported on the target platform that can
execute after the instance is deployed
• Can be a “wrapper” around a silent installation script
• Chef
– Open source client/server for automatically deploying an
environment (“infrastructure as code”)
• Heat orchestration template
– An OpenStack component that associates one or more images,
each with zero or more software configuration objects, with an
optional topology
Reduces multi-
product
deployment
durations by up
to 80%
Reduces
deployment
error/fix
durations
Reduces need
for deep product
skills
Improves
quality of
delivery
Time Savings Quality and Efficiency
Customers needs through brainstorming took to this!
One dozen patterns covering 50% of Linux on z Systems portfolio revenue
Clear commitment from IBM to pattern-enable middleware products for Linux on z
Systems
Organizations will be able to build out complex Cloud workload instances on z
Systems in a fraction of the time
Announcing Custom Patterns for Linux on z
Systems
Introducing IBM UrbanCode Deploy with
Patterns
Pattern designer
– Design open, full stack application
environments in a diagram or textual
editor
Design once, deploy anywhere
– Deploy full stack environments to
multiple clouds
Environment lifecycle management
– Manage infrastructure change and
easily apply changes to existing
environments
Delivery process automation
– Automated delivery process with
integrated full stack environments
Design and deploy full stack application environments for multiple clouds
IBM UrbanCode Deploy with Patterns
Application
Middleware Config
Middleware
OS Config
Hardware
Envi
ron
me
nt
Blu
ep
rin
t
• Graphically create Heat templates via drag-and-drop • Directly deploy Heat templates (stacks) into an OpenStack cloud (including ICM and
ICO), or export template text and import into OpenStack
IBM Urban Code Deploy with Patterns
IBM Infrastructure Suite for z/VM and Linux
IBM Cloud Manager with Openstack
Main Cloud on z solution Build Steps (2)
IBM Cloud Manager for OpenStack (ICM)
Quick Overview
•Based on OpenStack
•First tier in the IBM Cloud suite of cloud management products
•Available to run on System z ("manage from" support)
•Also available to run from Linux x86 or Power, "manage to" Linux x86, Power, and System z environments
•Can deploy CHEF and HEAT based Patterns
•Formerly known as SmartCloud Entry
• Enables rapid IT response to ever-changing demands of
business via self-service provisioning of infrastructure
services, as end users can re-deploy virtual servers with an
easy to use interface
• Yields improved virtualization operational efficiency and
greater overall business effectiveness. Administrators
capture & manage standard VM images with support for
common business processes
• Provides capability to track/correlate cost of infrastructure to
department usage via basic usage metering, so
Organizations & Managed Service Providers (MSPs/CSPs)
can align service to expense
• Supports production-grade cloud operations &
interoperability at scale via enhanced foundation and full
OpenStack API compatibility
• Provides optimized infrastructure usage, reduced cost of
cloud ownership, and higher workload quality of service
• Open computing cloud alternative to proprietary vendors,
with world-class support from IBM
An easy to deploy and use cloud management software offering based on OpenStack with IBM enhancements and support
Introducing IBM Cloud Manager for Openstack (ICM)
Offers rapid time to valueChef Server and Client included
Supports Heterogeneous Compute, Storage & Network
• Central management across multiple hypervisors & domains
• All IBM server architectures & major hypervisors supported
Additional Features for Increased Eefficiency
• Dashboards show Cloud admin resource capacity, VM utilization
• Reporting/Metering/Billing, Resource expiration & project approval policies, network configuration & mapping
Multi-Cloud Federation Clouds
• Federation of multiple OpenStack instances
•Accelerate Time to Market: Time to market improvement fornew applications
• Integrated Management:Approvals, metering, billing, users and projects through a single ‘pane of glass’
•Flexible, modular design: Based upon OpenStack IaaS - Access to OpenStack APIs. Extensible via REST API allowing partners to easily customize the UI
IBM Cloud Manager with OpenStack is an easy to deploy, simple to use cloud management software offering based on OpenStack (Icehouse) with open cloud APIs. Importantly, we include IBM enhancements that features a self-service portal for workload provisioning, virtual image management, and monitoring. It's an innovative, cost-effective approach that also includes automation, metering, and security.
OpenSimple
Innovative
IBM Cloud Manager with OpenStack
IBM Infrastructure Suite for z/VM and Linux
IBM Cloud Manager with Openstack
IBM Cloud Orchestrator
Main Cloud on z solution Build Steps (3)
IBM Cloud Orchestrator (ICO)
Quick Overview
•Based on OpenStack
•Builds on functionality of Cloud Manager with OpenStack and adds runbook automation and middleware pattern support for workload deployment
•Formerly known as SmartCloud Orchestrator
•Run from Linux 86 or Softlayer “manage to” Linux x86, Power, and System z environments
42
An open and scalable cloud platform
An easy to use orchestrator for cloud service automation
A rich set of ready to use automation packages
A marketplace for automation packages sharing and re-use
Consolidate and Virtualize
Automate and Standardize
Optimise and Orchestrate
CloudService Management
IBM Cloud Orchestrator
IBM Cloud Orchestrator Major Functions
• Builds on basic image provisioning and self service functions to add:
• Patterns (System and Application)
• Orchestration (workflow process automation and integration with other products)
• Monitoring and Scaling (adjustments based on performance thresholds)
• Public cloud platforms (e.g. Amazon, SoftLayer)
• Hybrid (Public and Private) Cloud support
• Includes integration with non-IBM OpenStack clouds
• Manages x, p, and z environments from the Linux Intel platform
• System z supported as a “Manage-to” environment for Linux z/VM guests
• OpenStack components used
• Nova (Compute, Network), Glance (Image), Neutron (System z networking), Cinder (storage, but not for System z) from previous version of SCO
• New ICO adds Horizon (UI), Heat (patterns), Ceilometer (monitoring), Keystone (security) and expands Neutron and Cinder for x, p, and z
• Improved support of z/VM environment
• No longer dependent on Public Cloud Gateway component
• Increased networking and deployed instance flexibility
IBM WAVE, ICO, and ICM Comparison
PRIMARY usage of IBM Wave
• Efficient management of the ENTIRE z/VM environment
(and ONLY z/VM)
• Administers the z/VM resources
• A tool for z/VM System Administrators, including allowing
administrators to build and clone Linux guests for users
– NOT something to give to end users
– NO concept of catalogs, patterns or workflow
automation (orchestration)
IBM WAVE, ICO, and ICM Comparison
The PRIMARY usage of IBM Cloud Manager for
OpenStack (ICM):
•Cloud provisioning and automation based on OpenStack
•Simplified implementation, lifecycle management, resource
management, self-service portal, monitoring & metering
•Full access to OpenStack APIs – All IBM server architectures
and major hypervisors now available to choose from
•Allow end users to deploy Linux instances onto z/VM and other
supported cloud platforms on x and p
– Standalone images (with single customization script) from user interface
– “Patterns” using OpenStack Heat templates invoking scripts/Chef from
the administrative (OpenStack Horizon) interface
– Automatic horizontal scaling and project resource quotas
IBM WAVE, ICO, and ICM Comparison
PRIMARY usage of IBM Cloud Orchestrator (ICO)
• Allows end users to deploy images, system patterns, and application
patterns from customizable catalog offerings
• Eases coordination of complex tasks and workflows, necessary to
deploy applications
• Provides the automation ("Orchestration") from the time the user
makes the request through the time the request is deployed, and
beyond to the time the resources are not needed
• Can define cataloged offerings that deploy components across
multiple operating system platforms.
– e.g. HTTP server on x, Web Server on p, Database on z
– Supports pattern scaling policies, user billing, project quotas
– Provides integration with other products and processes via Business
Process Manager workflows, email notification, etc.
– Manages both private and public clouds (Softlayer, Amazon EC2, Non-
IBM OpenStack) to build hybrid clouds
Batch Cloud Scenario with IWS zCentric
• A very big cross platform batch application needs to run once a year
• A huge number of distributed servers is necessary
• IWS agents currently installed cannot cover all the demanded resources
0
10
20
30
40
50
60
70
80
Jan Mar May Jul Sept Nov
% CPU
% Memory
% Storage
Currently installed TWS Agents
service level capability
Tivoli
Workload
Automation
Cloud
Oth
er
req
ue
sts
Cloud accelerates the need for workload automation
Value proposition
IWS has moved to the center between the request for business services and the demand for Cloud infrastructure and resources: it allows to manage mission-critical, end-to-end workloads through fluid and elastic cloud resources
Capabilities
IWS provides ICO integration for
Immediate provisioning of workload automation ready environment, for temporary demand
Elastic provisioning of workload automation resource for intermittent demand
Business Value
Reduce resource, installation and customization costs and increase productivity
Adapt quickly in the context of limited resources
49
IBM Workload Scheduler & IBM Cloud Orchestrator
IBM Infrastructure Suite for z/VM and Linux
IBM Cloud Manager with Openstack
IBM Cloud Orchestrator
Cloud on z solution with IWS zCentric on demand
NEEDEDIWS zCentric
Linux on z Agents
Docker
• Strong Open Source Project
• Several contributors to the project (same of OpenStack)
• Partnership with IBM
• Linux on z operating systems supported
• What is exactly Docker?
• A light weight virtualization technology
• A packaging mechanism for applications and hooking applications together
• OpenStack & several Linux OS supported, including Ubuntu
Lightweight architecture
Virtual Machine zVM/KVM/VMWare mechanism Simple containers Docker mechanism
Isolation of Linux resources while running Cloud
through Docker and its containers
• Docker provides isolation for filesystems, processes, and networks used
by each container
• Filesystem isolation: each container is its own root filesystem
• Process isolation: each container runs in its own process environment.
• Network isolation: separate virtual interfaces and IP addressing between
containers.
• Resource isolation and grouping: resources like CPU and memory are
allocated individually to each
• Copy-on-write: filesystems are created with copy-on-write, meaning they
are layered and fast and require limited disk usage
Top Related