Abstract: The adoption of modern lightweight virtualization often comes with new threats and network vulnerabilities. This paper seeks to assess this with a different approach studying the behavior of a testbed built with tools such as Kernel-based Virtual Machine (KVM), LinuX Containers (LXC) and Docker, by performing stress tests within a platform where students experiment simultaneously with cyber-attacks, and thus observe the impact on the campus network and also find the best solution for cyber-security learning. Interesting outcomes can be found in the literature comparing these technologies. It is, however, difficult to find results of the effects on the global network where experiments are carried out. Our work shows that other physical hosts and the faculty network were impacted while performing these trials. The problems found are discussed, as well as security solutions and the adoption of new network policies.
Abstract: Determining how many virtual machines a Linux host
could run can be a challenge. One of tough missions is to find the
balance among performance, density and usability. Now KVM
hypervisor has become the most popular open source full
virtualization solution. It supports several ways of running guests with
more memory than host really has. Due to large differences between
minimum and maximum guest memory requirements, this paper
presents initial results on same-page merging, ballooning and live
migration techniques that aims at optimum memory usage on
KVM-based cloud platform. Given the design of initial experiments,
the results data is worth reference for system administrators. The
results from these experiments concluded that each method offers
different reliability tradeoff.