DevConf.cz 2021 has ended
Back To Schedule
Friday, February 19 • 5:00pm - 5:25pm
Honey, I shrunk the pods (and everything else)

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.

Kata Containers runs your existing containers in their own virtual machine. It lets you combine the ecosystem of containers with the features of virtual machines. A problem with this approach is that it uses more resources than traditional container runtimes. In this session, we will discuss the current state of affairs and various attempts at making things a little better.

When you run Kata Containers along with Kubernetes or OpenShift, a pod is a virtual machine. This means that you need a hypervisor and a guest kernel. This consumes memory, disk space, and causes overhead in the networking and storage stacks. From a business perspective, this directly impacts how many containers you can start. So it is a legitimate effort to shave off as much as we can on every front.

First, we will do a review of where we stand today, i.e. how much memory and disk space is consumed by the various components, and the kind of overhead we are talking about regarding storage and networking. Then we will show where we can expect some serious improvements. Finally, we will discuss how we can deliver these optimizations in practice, and let actual use cases guide us in prioritising the effort.

We will then see how we can save quite a bit of memory and disk space for qemu (and why that matters in practice). On the storage front, we will highlight the differences between virtiofs and 9p, and the work that remains to be done, notably with respect to caching and memory usage. On the networking front, we will see how the problem is now largely solved if you have the right hardware, using SR-IOV and DPDK โ€“ย which are the topic of a dedicated talk - and discuss remaining issues.

Finally, we will cover a few longer-term prospects, notably with respect to qemu and libvirt modularization efforts, as well as more radical efforts such as libkrun, and how these prospects matter for Kata Containers as well as other consumers of these tools.

avatar for Christophe de Dinechin

Christophe de Dinechin

Senior Principal Software Engineer, Red Hat
Christophe de Dinechin works at Red Hat primarily on Kata Containers and its integration into OpenShift, as well as on Confidential Containers. He co-presented a talk at the KVM Forum 2021 titled "Don't peek into my container". He also has a strong interest in virtualisation, performance... Read More →

Friday February 19, 2021 5:00pm - 5:25pm CET
Session Room 5