• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.10
• /
• pp.415-420
• /
• 2017

Virtualization technique of OS-level is a new paradigm for deploying applications, and is attracting attention as a technology to replace traditional virtualization technique, VM (Virtual Machine). Especially, docker containers are capable of distributing application images faster and more efficient than before by applying layered image structures and union mount point to existing linux container. These characteristics of containers can only be used in layered file systems that support snapshot functionality, so it is required to select appropriate layered file systems according to the characteristics of the containerized application. We examine the characteristics of representative layered file systems and conduct write performance evaluations of each layered file systems according to the operating principles of the layered file system, Allocate-on-Demand and Copy-up. We also suggest the method of determining a appropriate layered file system principle for unknown containerized application by learning block I/O usage history of each layered file system principles in artificial neural network. Finally we validate effectiveness of artificial neural network created from block I/O history of each layered file system principles.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.7
• /
• pp.65-73
• /
• 2022

Recently, as the Windows system supports the Windows subsystem for Linux (WSL), various researchers have studied to apply a docker container on various systems such as server systems, workstation system and so on. However, in various existing researchers, there is a lack of performance-related indicators to apply the system to each operating system (linux system and windows system). In this paper, we compared a performance comparison and analysis of container-based host operating systems. We configured experimental environments of operating systems for microsoft windows systems and linux systems based on a docker container support. In experimental results, the containers of linux systems reduced the average data latency of dataset 1-6 by 3.9%, 62.16%, 1552.38%, 7.27%, 60.83%, and 1567.2%, compared to the containers on microsoft windows systems.

• Journal of KIISE
• /
• v.44 no.5
• /
• pp.439-448
• /
• 2017

The workloads of large high-performance computing (HPC) scientific applications are steadily becoming "bursty" due to variable resource demands throughout their execution life-cycles. However, the over-provisioning of virtual resources for optimal performance during execution remains a key challenge in the scheduling of scientific HPC applications. While over-provisioning of virtual resources guarantees peak performance of scientific application in virtualized environments, it results in increased amounts of idle resources that are unavailable for use by other applications. Herein, we proposed a memory resource reconfiguration approach that allows the quick release of idle memory resources for new applications in OS-level virtualized systems, based on the applications resource-usage pattern profile data. We deployed a scientific workflow application in Docker, a light-weight OS-level virtualized system. In the proposed approach, memory allocation is fine-tuned to containers at each stage of the workflows execution life-cycle. Thus, overall memory resource utilization is improved.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.5
• /
• pp.901-909
• /
• 2021

Since mobile devices have limited computational resources, it tends to use the cloud to compute or store data. As real-time becomes more important due to 5G, many studies have been conducted on edge clouds that computes at locations closer to users than central clouds. The farther the user's physical distance from the edge cloud connected to base station is, the slower the network transmits. So applications should be migrated and re-run to nearby edge cloud for smooth service use. We run applications in docker containers, which is independent of the host operating system and has a relatively light images size compared to the virtual machine. Existing migration studies have been experimented by using network simulators. It uses fixed values, so it is different from the results in the real-world environment. In addition, the method of migrating images through shared storage was used, which poses a risk of packet content exposure. In this paper, Containers are migrated with Secure CoPy(SCP) method, a data encryption transmission, by establishing an edge computing environment in a real-world environment. It compares migration time with Network File System, one of the shared storage methods, and analyzes network packets to verify safety.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2021.11a
• /
• pp.23-24
• /
• 2021

Among the failure cases of the existing navigation aids, the SW and operating system errors of the RTU, the embedded computer for navigation aids, account for about 10%. The causes of SW errors have an infinite number of cases, and it is impossible to correct them all. In this paper, we proposed a paravirtualized multi-OS Docker container utilization technique as a stable operation technique for smart navigational aids, which have recently increased the amount of computation and complexity of SW services that need to be managed. It is proposed to divide containers according to service type, expected load, and error frequency and load the service.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.9
• /
• pp.21-29
• /
• 2020

In this paper, we propose quantitative evaluation method that enable security comparison between Security Container Runtimes. security container runtime technologies have been developed to address security issues such as Container escape caused by containers sharing the host kernel. However, most literature provides only a analysis of the security of container technologies using rough metrics such as the number of available system calls, making it difficult to compare the secureness of container runtimes quantitatively. While the proposed model uses a new method of combining the degree of exposure of host system calls with various external vulnerability metrics. With the proposed technique, we measure and compare the security of runC (Docker default Runtime) and two representative Security Container Runtimes, gVisor, and Kata container.

• Journal of the Korea Convergence Society
• /
• v.10 no.12
• /
• pp.71-80
• /
• 2019

DevOps is a combining which means giving a diverse environments for software development and operations through whole software lifecycle. The key value of the proposed DevOps platform is the fast and stable service capability for a software development and operation environment. To do this, the DevOps gives pre-embedded 7 programming languages-Java, C/C++, Python, PHP, Ruby, Node.js, goLang and 7 service frameworks - Korea eGov Framework, Spring, Struts, Django, Laravel, Rails, Express. With the DevOps platform, it is possible to develop a software and also to build and distribute operation packages directly with the Linux containers. In this paper, the performance evaluation for a compile time, a distribution time and a processing capability is will be also proved. Though the performance evaluation, this paper shows capabilities of the proposed DevOps for Cloud services with commercial service level, prospectively.