A Systematic Literature Review on Maintenance of Software Containers
Article No.: 193, Pages 1 - 38
Abstract
Nowadays, cloud computing is gaining tremendous attention to deliver information via the internet. Virtualization plays a major role in cloud computing as it deploys multiple virtual machines on the same physical machine and thus results in improving resource utilization. Hypervisor-based virtualization and containerization are two commonly used approaches in operating system virtualization. In this article, we provide a systematic literature review on various phases in maintenance of containers including container image detection, container scheduling, container security measures, and performance evaluation of containers. We have selected 145 primary studies out of which 24% of studies are related to container performance evaluation, 42% of studies are related to container scheduling techniques, 22% of studies are related to container security measures, and 12% of studies are related to container image detection process. A few studies are related to container image detection process and evaluation of container security measures. Resource utilization is the most considered performance objective in almost all container scheduling techniques. We conclude that there is a need to introduce new tagging approaches, smell detection approaches, and also new approaches to detect and resolve threat issues in containers so that we can maintain the security of containers.
References
[1]
Subil Abraham, Arnab K. Paul, Redwan Ibne Seraj Khan, and Ali R. Butt. 2020. On the use of containers in high performance computing environments. In 2020 IEEE 13th International Conference on Cloud Computing (CLOUD). 284–293. DOI:
[2]
Amro Abuabdo and Ziad A. Al-Sharif. 2019. Virtualization vs. containerization: Towards a multithreaded performance evaluation approach. In 2019 IEEE/ACS 16th International Conference on Computer Systems and Applications (AICCSA). 1–6. DOI:
[3]
Ashijeet Acharya, Jérémy Fanguède, Michele Paolino, and Daniel Raho. 2018. A performance benchmarking analysis of hypervisors containers and unikernels on ARMv8 and x86 CPUs. In Proceedings of the 2018 European Conference on Networks and Communications (EuCNC). 282–289. DOI:
[4]
Jigna N. Acharya and Anil C. Suthar. 2022. Docker container orchestration management: A review. In Proceedings of the International Conference on Intelligent Vision and Computing. 140–153.
[5]
Mainak Adhikari and Satish Narayana Srirama. 2019. Multi-objective accelerated particle swarm optimization with a container-based scheduling for Internet-of-Things in cloud environment. Journal of Network and Computer Applications 137 (2019), 35–61. DOI:
[6]
Imtiaz Ahmad, Mohammad Gh. AlFailakawi, Asayel AlMutawa, and Latifa Alsalman. 2021. Container scheduling techniques: A survey and assessment. Journal of King Saud University - Computer and Information Sciences 34, 7 (2021), 3934--3947. DOI:
[7]
Yanal Alahmad, Tariq Daradkeh, and Anjali Agarwal. 2018. Availability-aware container scheduler for application services in cloud. In 2018 IEEE 37th International Performance Computing and Communications Conference (IPCCC). 1–6. DOI:
[8]
Yanal Alahmad, Tariq Daradkeh, and Anjali Agarwal. 2019. Optimized availability-aware component scheduler for applications in container-based cloud. In 2019 6th International Conference on Software Defined Systems (SDS). 194–199. DOI:
[9]
Ammar Al-Moalmi, Juan Luo, Ahmad Salah, Kenli Li, and Luxiu Yin. 2021. A whale optimization system for energy-efficient container placement in data centers. Expert Systems with Applications 164 (2021), 113719. DOI:
[10]
Tahir Alyas, Sikandar Ali, Habib Ullah Khan, Ali Samad, Khalid Alissa, and Muhammad Asif Saleem. 2022. Container performance and vulnerability management for container security Using Docker engine. Security and Communication Networks 2022, 6819002 (2022).
[11]
A. Asensio, X. Masip-Bruin, J. Garcia, and S. Sánchez. 2021. On the optimality of concurrent container clusters scheduling over heterogeneous smart environments. Future Generation Computer Systems 118 (2021), 157–169. DOI:
[12]
Wissal Attaoui, Essaid Sabir, Halima Elbiaze, and Mohsen Guizani. 2022. VNF and container placement: Recent advances and future trends. arXiv:2204.00178. DOI:
[13]
Naylor G. Bachiega, Paulo S. L. Souza, Sarita M. Bruschi, and Simone do R. S. de Souza. 2018. Container-based performance evaluation: A survey and challenges. In 2018 IEEE International Conference on Cloud Engineering (IC2E). 398–403. DOI:
[14]
Rabindra K. Barik, Rakesh K. Lenka, K. Rahul Rao, and Devam Ghose. 2016. Performance analysis of virtual machines and containers in cloud computing. In Proceedings of the 2016 International Conference on Computing, Communication and Automation (ICCCA). 1204–1210. DOI:
[15]
Ouafa Bentaleb, Adam S. Z. Belloum, Abderrazak Sebaa, and Aouaouche El-Maouhab. 2022. Containerization technologies: Taxonomies, applications and challenges. Journal of Supercomputing 78, 1 (2022), 1144–1181. DOI:
[16]
Aditya Bhardwaj and C. Rama Krishna. 2019. A container-based technique to improve virtual machine migration in cloud computing. IETE Journal of Research 68, 1 (2019), 401–416. DOI:
[17]
Aditya Bhardwaj and C. Rama Krishna. 2021. Virtualization in cloud computing: Moving from hypervisor to containerization—a survey. Arabian Journal for Science and Engineering 46, 9 (2021), 8585–8601. DOI:
[18]
Rolando Brondolin, Tommaso Sardelli, and Marco D. Santambrogio. 2018. DEEP-Mon: Dynamic and energy efficient power monitoring for container-based infrastructures. In Proceedings of the 2018 IEEE International Parallel and Distributed Processing Symposium Workshops (IPDPSW). 676–684. DOI:
[19]
Emiliano Casalicchio and Vanessa Perciballi. 2017. Measuring Docker performance: What a mess!!! In Proceedings of the 8th ACM/SPEC on International Conference on Performance Engineering Companion (ICPE ’17 Companion). Association for Computing Machinery, New York, NY, USA, 11–16. DOI:
[20]
MinSu Chae, HwaMin Lee, and Kiyeol Lee. 2019. A performance comparison of linux containers and virtual machines using Docker and KVM. Cluster Computing 22, 1 (2019), 1765–1775. DOI:
[21]
Ngoc-Tu Chau, Jaehyeon Yoon, Thien-Phuc Doan, and Souhwan Jung. 2021. AppPACK: A packaging model for single-purpose lightweight virtualization environment. IEEE Access 9, (2021), 30071–30079.
[22]
Feifei Chen, Xiaofeng Zhou, and Chao Shi. 2019. The container scheduling method based on the min-min in edge computing. In Proceedings of the 2019 4th International Conference on Big Data and Computing (ICBDC ’19). Association for Computing Machinery, New York, NY, USA, 83–90. DOI:
[23]
Wei Chen, Jia-Hong Zhou, Jia-Xin Zhu, Guo-Quan Wu, and Jun Wei. 2019. Semi-supervised learning based tag recommendation for Docker repositories. Journal of Computer Science and Technology 34, 5 (2019), 957–971.
[24]
Kennedy Chengeta. 2021. Comparing the performance between virtual machines and containers using deep learning credit models. In Proceedings of the International Conference on Artificial Intelligence and Its Applications (icARTi'21). Association for Computing Machinery, New York, NY, USA, 1--8. DOI:
[25]
Ron C. Chiang. 2023. Contention-aware container placement strategy for Docker swarm with machine learning based clustering algorithms. Cluster Computing 26, 1 (2023), 13--23.
[26]
Jürgen Cito, Gerald Schermann, John Erik Wittern, Philipp Leitner, Sali Zumberi, and Harald C. Gall. 2017. An empirical analysis of the Docker container ecosystem on GitHub. In Proceedings of the 2017 IEEE/ACM 14th International Conference on Mining Software Repositories (MSR). 323–333.
[27]
Lorenzo Civolani, Guillaume Pierre, and Paolo Bellavista. 2019. FogDocker: Start container now, fetch image later. In Proceedings of the 12th IEEE/ACM International Conference on Utility and Cloud Computing. 51–59.
[28]
Qiqing Deng, Xinrui Tan, Jing Yang, Chao Zheng, Liming Wang, and Zhen Xu. 2022. A secure container placement strategy using deep reinforcement learning in cloud. In Proceedings of the 2022 IEEE 25th International Conference on Computer Supported Cooperative Work in Design (CSCWD). 1299–1304.
[29]
Piotr Dziurzanski and Leandro Soares Indrusiak. 2018. Value-based allocation of Docker containers. In Proceedings of the 2018 26th Euromicro International Conference on Parallel, Distributed and Network-based Processing (PDP). 358–362. DOI:
[30]
Guisheng Fan, Liang Chen, Huiqun Yu, and Wei Qi. 2020. Multi-objective optimization of container-based microservice scheduling in edge computing. Computer Science and Information Systems 18 (2020), 23–42. DOI:
[31]
Xing Gao, Zhongshu Gu, Mehmet Kayaalp, Dimitrios Pendarakis, and Haining Wang. 2017. ContainerLeaks: Emerging security threats of information leakages in container clouds. In Proceedings of the 2017 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). 237–248. DOI:
[32]
Xinjie Guan, Xili Wan, Baek-Young Choi, Sejun Song, and Jiafeng Zhu. 2017. Application oriented dynamic resource allocation for data centers using docker containers. IEEE Communications Letters 21, 3 (2017), 504–507. DOI:
[33]
Carlos Guerrero, Isaac Lera, and Carlos Juiz. 2018. Genetic algorithm for multi-objective optimization of container allocation in cloud architecture. Journal of Grid Computing 16, 1 (2018), 113–135.
[34]
Yanghu Guo and Wenbin Yao. 2018. A container scheduling strategy based on neighborhood division in micro service. In Proceedings of the 2018 IEEE/IFIP Network Operations and Management Symposium (NOMS ’18). 1–6. DOI:
[35]
Mubin Ul Haque and M. Ali Babar. 2022. Well begun is half done: An empirical study of exploitability & impact of base-image vulnerabilities. In 2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER). 1066–1077.
[36]
Sanjay Hardikar, Pradeep Ahirwar, and Sameer Rajan. 2021. Containerization: Cloud computing based inspiration technology for adoption through Docker and Kubernetes. In Proceedings of the 2021 2nd International Conference on Electronics and Sustainable Communication Systems (ICESC). 1996–2003. DOI:
[37]
Foyzul Hassan, Rodney Rodriguez, and Xiaoyin Wang. 2018. RUDSEA: Recommending updates of Dockerfiles via software environment analysis. In Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering. 796–801.
[38]
Aurelien Havet, Valerio Schiavoni, Pascal Felber, Maxime Colmant, Romain Rouvoy, and Christof Fetzer. 2017. Genpack: A generational scheduler for cloud data centers. In Proceedings of the 2017 IEEE International Conference on Cloud Engineering (IC2E). 95–104.
[39]
Yang Hu, Cees de Laat, and Zhiming Zhao. 2019. Multi-objective container deployment on heterogeneous clusters. In Proceedings of the 2019 19th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGRID). 592–599.
[40]
Yang Hu, Huan Zhou, Cees de Laat, and Zhiming Zhao. 2020. Concurrent container scheduling on heterogeneous clusters with multi-resource constraints. Future Generation Computer Systems 102 (2020), 562–573. DOI:
[41]
Delu Huang, Handong Cui, Shihao Wen, and Cheng Huang. 2019. Security analysis and threats detection techniques on Docker container. In Proceedings of the 2019 IEEE 5th International Conference on Computer and Communications (ICCC). 1214–1220. DOI:
[42]
Md Hasan Ibrahim, Mohammed Sayagh, and Ahmed E. Hassan. 2020. Too many images on DockerHub! How different are images for the same system? Empirical Software Engineering 25, 5 (2020), 4250–4281.
[43]
Mahmoud Imdoukh, Imtiaz Ahmad, and Mohammad Alfailakawi. 2020. Optimizing scheduling decisions of container management tool using many-objective genetic algorithm. Concurrency Computation Practice and Experience 32, 5 (2020), e5536. DOI:
[44]
Omar Javed and Salman Toor. 2021. Understanding the quality of container security vulnerability detection tools. arXiv preprint arXiv:2101.03844. DOI:
[45]
Devki Nandan Jha, Saurabh Garg, Prem Prakash Jayaraman, Rajkumar Buyya, Zheng Li, and Rajiv Ranjan. 2018. A holistic evaluation of Docker containers for interfering microservices. In Proceedings of the 2018 IEEE International Conference on Services Computing (SCC). 33–40. DOI:
[46]
Shujian Ji, Kejiang Ye, and Cheng-Zhong Xu. 2019. CMonitor: A monitoring and alarming platform for container-based clouds. Cloud Computing—CLOUD 2019. Lecture Notes in Computer Science, Vol. 11513. Springer International Publishing, Cham, 324–339.
[47]
Rodi Jolak, Thomas Rosenstatter, Mazen Mohamad, Kim Strandberg, Behrooz Sangchoolie, Nasser Nowdehi, and Riccardo Scandariato. 2022. CONSERVE: A framework for the selection of techniques for monitoring containers security. Journal of Systems and Software 186 (2022), 111158. DOI:
[48]
Ann Mary Joy. 2015. Performance comparison between Linux containers and virtual machines. In Proceedings of the 2015 International Conference on Advances in Computer Engineering and Applications. 342–346. DOI:
[49]
Chanwit Kaewkasi and Kornrathak Chuenmuneewong. 2017. Improvement of container scheduling for Docker using ant colony optimization. In Proceedings of the 2017 9th International Conference on Knowledge and Smart Technology (KST). 254–259. DOI:
[50]
Supriya Kamthania. 2019. A novel deep learning RBM based algorithm for securing containers. In Proceedings of the 2019 IEEE International WIE Conference on Electrical and Computer Engineering (WIECON-ECE). 1–7. DOI:
[51]
Oren Katz, Dror Rawitz, and Danny Raz. 2021. Containers resource allocation in dynamic cloud environments. In Proceedings of the 2021 IFIP Networking Conference (IFIP Networking). 1–9. DOI:
[52]
Kuljeet Kaur, Sahil Garg, Georges Kaddoum, Syed Hassan Ahmed, and Mohammed Atiquzzaman. 2020. KEIDS: Kubernetes-based energy and interference driven scheduler for industrial IoT in edge-cloud ecosystem. IEEE Internet of Things Journal 7, 5 (2020), 4228–4237. DOI:
[53]
Kuljeet Kaur, Sahil Garg, Georges Kaddoum, Francois Gagnon, and Dushantha Nalin K. Jayakody. 2019. EnLoB: Energy and load balancing-driven container placement strategy for data centers. In 2019 IEEE Globecom Workshops (GC Wkshps). 1–6. DOI:
[54]
Saad Ahmad Khan, Muhammad Abdullah, Waheed Iqbal, Muhammad Arif Butt, Faisal Bukhari, and Saeed-Ul Hassan. 2022. Automatic migration-enabled dynamic resource management for containerized workload. IEEE Systems Journal 17, 2 (2022), 2378–2389.
[55]
Barbara Ann Kitchenham and Stuart Charters. 2007. Guidelines for Performing Systematic Literature Reviews in Software Engineering. Retrieved from https://www.elsevier.com/__data/promis_misc/525444systematicreviewsguide.pdf
[56]
Zhanibek Kozhirbayev and Richard O. Sinnott. 2017. A performance comparison of container-based technologies for the Cloud. Future Generation Computer Systems 68 (2017), 175–182. DOI:
[57]
Soonhong Kwon and Jong-Hyouk Lee. 2020. DIVDS: Docker image vulnerability diagnostic system. IEEE Access 8 (2020), 42666–42673. DOI:
[58]
Kyungwoon Lee, Hyunjin Kim, Beomsu Kim, and Chuck Yoo. 2017. Analysis on network performance of container virtualization on IoT devices. In Proceedings of the 2017 International Conference on Information and Communication Technology Convergence (ICTC). 35–37. DOI:
[59]
Lingguang Lei, Jianhua Sun, Kun Sun, Chris Shenefiel, Rui Ma, Yuewu Wang, and Qi Li. 2017. SPEAKER: Split-phase execution of application containers. In Proceedings of the International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment. 230–251.
[60]
Feng Li, Wen Jun Tan, and Wentong Cai. 2022. A wholistic optimization of containerized workflow scheduling and deployment in the cloud–edge environment. Simulation Modelling Practice and Theory 118 (2022), 102521.
[61]
Jiawei Li, Bo Liu, Weiwei Lin, Pengfei Li, and Qian Gao. 2019. An improved container scheduling algorithm based on PSO for big data applications. Cyberspace Safety and Security. Springer International Publishing, Cham, 516–530.
[62]
Lianwan Li, Jianxin Chen, and Wuyang Yan. 2018. A particle swarm optimization-based container scheduling algorithm of Docker platform. In Proceedings of the 4th International Conference on Communication and Information Processing (ICCIP ’18). Association for Computing Machinery, New York, NY, USA, 12–17. DOI:
[63]
Qilong Li and Yu Fang. 2017. Multi-algorithm collaboration scheduling strategy for Docker container. In Proceedings of the 2017 International Conference on Computer Systems, Electronics and Control (ICCSEC). 1367–1371.
[64]
Zheng Li, Maria Kihl, Qinghua Lu, and Jens A. Andersson. 2017. Performance overhead comparison between hypervisor and container based virtualization. In Proceedings of the 2017 IEEE 31st International Conference on Advanced Information Networking and Applications (AINA). 955–962. DOI:
[65]
Changyuan Lin, Sarah Nadi, and Hamzeh Khazaei. 2020. A large-scale data set and an empirical study of Docker images hosted on Docker hub. In Proceedings of the 2020 IEEE International Conference on Software Maintenance and Evolution (ICSME). 371–381.
[66]
Miao Lin, Jianqing Xi, Weihua Bai, and Jiayin Wu. 2019. Ant colony algorithm for multi-objective optimization of container-based microservice scheduling in cloud. IEEE Access 7 (2019), 83088–83100. DOI:
[67]
Xin Lin, Lingguang Lei, Yuewu Wang, Jiwu Jing, Kun Sun, and Quan Zhou. 2018. A measurement study on Linux container security: Attacks and countermeasures. In Proceedings of the 34th Annual Computer Security Applications Conference (ACSAC ’18). Association for Computing Machinery, New York, NY, USA, 418–429. DOI:
[68]
Yuhang Lin, Olufogorehan Tunde-Onadele, and Xiaohui Gu. 2020. CDL: Classified distributed learning for detecting security attacks in containerized applications. In Proceedings of the Annual Computer Security Applications Conference (ACSAC ’20). Association for Computing Machinery, New York, NY, USA, 179–188. DOI:
[69]
Bo Liu, Jiawei Li, Weiwei Lin, Weihua Bai, Pengfei Li, and Qian Gao. 2021. K-PSO: An improved PSO-based container scheduling algorithm for big data applications. International Journal of Network Management 31, 2 (2021), e2092. DOI:
[70]
Bo Liu, Pengfei Li, Weiwei Lin, Na Shu, Yin Li, and Victor Chang. 2018. A new container scheduling algorithm based on multi-objective optimization. Soft Computing 22, 23 (2018), 7741–7752.
[71]
Peiyu Liu, Shouling Ji, Lirong Fu, Kangjie Lu, Xuhong Zhang, Wei-Han Lee, Tao Lu, Wenzhi Chen, and Raheem Beyah. 2020. Understanding the security risks of Docker hub. Computer Security – ESORICS 2020. Lecture Notes in Computer Science, Vol. 12308. Springer International Publishing, Cham, 257–276.
[72]
Yu Liu, Dapeng Lan, Zhibo Pang, Magnus Karlsson, and Shaofang Gong. 2021. Performance evaluation of containerization in edge-cloud computing stacks for industrial applications: A client perspective. IEEE Open Journal of the Industrial Electronics Society 2 (2021), 153–168. DOI:
[73]
Saiqin Long, Wen Wen, Zhetao Li, Kenli Li, Rong Yu, and Jiang Zhu. 2021. A global cost-aware container scheduling strategy in cloud data centers. IEEE Transactions on Parallel & Distributed Systems 33, 11 (2021), 2752--2766.
[74]
Fotis Loukidis-Andreou, Ioannis Giannakopoulos, Katerina Doka, and Nectarios Koziris. 2018. Docker-Sec: A fully automated container security enhancement mechanism. In Proceedings of the 2018 IEEE 38th International Conference on Distributed Computing Systems (ICDCS'18). 1561--1564. DOI:
[75]
Weizhi Lu, Boyu Li, and Bin Wu. 2019. Overhead aware task scheduling for cloud container services. In Proceedings of the 2019 IEEE 23rd International Conference on Computer Supported Cooperative Work in Design (CSCWD). 380–385. DOI:
[76]
Zhigang Lu, Jiwei Xu, Yuewen Wu, Tao Wang, and Tao Huang. 2019. An empirical case study on the temporary file smell in Dockerfiles. IEEE Access 7, (2019), 63650–63659.
[77]
Jingze Lv, Mingchang Wei, and Yang Yu. 2019. A container scheduling strategy based on machine learning in microservice architecture. In Proceedings of the 2019 IEEE International Conference on Services Computing (SCC). 65–71. DOI:
[78]
Liang Lv, Yuchao Zhang, Yusen Li, Ke Xu, Dan Wang, Wendong Wang, Minghui Li, Xuan Cao, and Qingqing Liang. 2019. Communication-aware container placement and reassignment in large-scale internet data centers. IEEE Journal on Selected Areas in Communications 37, 3 (2019), 540–555.
[79]
R. Madhumathi. 2018. The relevance of container monitoring towards container intelligence. In Proceedings of the 2018 9th International Conference on Computing, Communication and Networking Technologies (ICCCNT). 1–5. DOI:
[80]
Ruchika Malhotra. 2016. Empirical Research in Software Engineering: Concepts, Analysis, and Applications. CRC Press.
[81]
Harri Manninen, Vesa Jääskeläinen, and Jan Olaf Blech. 2020. Performance evaluation of containerization platforms for control and monitoring devices. In Proceedings of the 2020 25th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA). 1061–1064. DOI:
[82]
Ying Mao, Jenna Oak, Anthony Pompili, Daniel Beer, Tao Han, and Peizhao Hu. 2017. Draps: Dynamic and resource-aware placement scheme for Docker containers in a heterogeneous cluster. In Proceedings of the 2017 IEEE 36th International Performance Computing and Communications Conference (IPCCC). 1–8.
[83]
A. Martin, S. Raponi, T. Combe, and R. di Pietro. 2018. Docker ecosystem—Vulnerability analysis. Computer Communications 122 (2018), 30–43. DOI:
[84]
Ilias Mavridis and Helen Karatza. 2017. Performance and overhead study of containers running on top of virtual machines. In Proceedings of the 2017 IEEE 19th Conference on Business Informatics (CBI). 32–38. DOI:
[85]
Ilias Mavridis and Helen Karatza. 2019. Combining containers and virtual machines to enhance isolation and extend functionality on cloud computing. Future Generation Computer Systems 94, (2019), 674–696. DOI:
[86]
Hemant Kumar Mehta, Paul Harvey, Omer Rana, Rajkumar Buyya, and Blesson Varghese. 2020. WattsApp: Power-aware container scheduling. In Proceedings of the 2020 IEEE/ACM 13th International Conference on Utility and Cloud Computing (UCC). 79–90. DOI:
[87]
Tianhui Meng, Zhihao Shang, and Katinka Wolter. 2017. An empirical performance and security evaluation of android container solutions. In Proceedings of the 2017 International Conference on Cyber Security and Protection of Digital Services (Cyber Security). 1–8. DOI:
[88]
Tarek Menouer. 2021. KCSS: Kubernetes container scheduling strategy. Journal of Supercomputing 77, 5 (2021), 4267–4293.
[89]
Tarek Menouer, Christophe Cérin, and Étienne Leclercq. 2018. New multi-objectives scheduling strategies in Docker SwarmKit. In Proceedings of the International Conference on Algorithms and Architectures for Parallel Processing. 103–117.
[90]
Tarek Menouer and Patrice Darmon. 2019. New scheduling strategy based on multi-criteria decision algorithm. In Proceedings of the 2019 27th Euromicro International Conference on Parallel, Distributed and Network-Based Processing (PDP). 101–107.
[91]
Tarek Menouer and Patrice Darmon. 2019. Containers scheduling consolidation approach for cloud computing. In Proceedings of the International Symposium on Pervasive Systems, Algorithms and Networks. 178–192.
[92]
Tarek Menouer, Otman Manad, Christophe Cérin, and Patrice Darmon. 2019. Power efficiency containers scheduling approach based on machine learning technique for cloud computing environment. In Proceedings of the International Symposium on Pervasive Systems, Algorithms and Networks. 193–206.
[93]
Alan Mills, Jonathan White, and Phil Legg. 2022. OGMA: Visualisation for software container security analysis and automated remediation. In Proceedings of the 2022 IEEE International Conference on Cyber Security and Resilience (CSR). 76–81.
[94]
Roberto Morabito. 2017. Virtualization on Internet of Things edge devices with container technologies: A performance evaluation. IEEE Access 5 (2017), 8835–8850. DOI:
[95]
Roberto Morabito, Jimmy Kjällman, and Miika Komu. 2015. Hypervisors vs. lightweight virtualization: A performance comparison. In Proceedings of the 2015 IEEE International Conference on Cloud Engineering. 386–393. DOI:
[96]
Farnaz Moradi, Christofer Flinta, Andreas Johnsson, and Catalin Meirosu. 2017. ConMon: An automated container based network performance monitoring system. In Proceedings of the 2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM). 54–62. DOI:
[97]
E. N. Preeth, Fr. Jaison Paul Mulerickal, Biju Paul, and Yedhu Sastri. 2015. Evaluation of Docker containers based on hardware utilization. In Proceedings of the 2015 International Conference on Control Communication Computing India (ICCC). 697–700. DOI:
[98]
Saurav Nanda and Thomas J. Hacker. 2018. RACC: Resource-aware container consolidation using a deep learning approach. In Proceedings of the 1st Workshop on Machine Learning for Computing Systems (MLCS ’18). Association for Computing Machinery, New York, NY, USA. DOI:
[99]
Matteo Nardelli, Christoph Hochreiner, and Stefan Schulte. 2017. Elastic provisioning of virtual machines for container deployment. In Proceedings of the 8th ACM/SPEC on International Conference on Performance Engineering Companion (ICPE ’17 Companion). Association for Computing Machinery, New York, NY, USA, 5–10. DOI:
[100]
Shubha Brata Nath, Sourav Kanti Addya, Sandip Chakraborty, and Soumya K. Ghosh. 2020. Green containerized service consolidation in cloud. In Proceedings of the 2020 IEEE International Conference on Communications (ICC). 1–6. DOI:
[101]
Vivian Noronha, Ekkehard Lang, Maximilian Riegel, and Thomas Bauschert. 2018. Performance evaluation of container based virtualization on embedded microprocessors. In Proceedings of the 2018 30th International Teletraffic Congress (ITC ’18). 79–84. DOI:
[102]
Omogbai Oleghe. 2021. Container placement and migration in edge computing: Concept and scheduling models. IEEE Access 9 (2021), 68028–68043. DOI:
[103]
Arnaldo Pereira Ferreira and Richard Sinnott. 2019. A performance evaluation of containers running on managed Kubernetes services. In Proceedings of the 2019 IEEE International Conference on Cloud Computing Technology and Science (CloudCom). 199–208. DOI:
[104]
Jayama Pinnamaneni, S. Nagasundari, and Prasad Honnavalli. 2022. Identifying vulnerabilities in docker image code using ML techniques. In Proceedings of the 2022 2nd Asian Conference on Innovation in Technology (ASIANCON). 1–5.
[105]
Max Plauth, Lena Feinbube, and Andreas Polze. 2017. A performance survey of lightweight virtualization techniques. Service-Oriented and Cloud Computing. Springer International Publishing, Cham, 34–48.
[106]
U-Chupala Pongsakorn, Yasuhiro Watashiba, Kohei Ichikawa, Susumu Date, and Hajimu Iida. 2017. Container rebalancing: Towards proactive linux containers placement optimization in a data center. In Proceedings of the 2017 IEEE 892 41st Annual Computer Software and Applications Conference (COMPSAC). 788--795.
[107]
Amit M. Potdar, Narayan D. G., Shivaraj Kengond, and Mohammed Moin Mulla. 2020. Performance evaluation of docker container and virtual machine. Procedia Computer Science 171, (2020), 1419–1428. DOI:
[108]
Vaibhav Rastogi, Drew Davidson, Lorenzo de Carli, Somesh Jha, and Patrick McDaniel. 2017. Cimplifier: Automatically debloating containers. In Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering. 476–486.
[109]
Vaibhav Rastogi, Chaitra Niddodi, Sibin Mohan, and Somesh Jha. 2017. New directions for container debloating. In Proceedings of the 2017 Workshop on Forming an Ecosystem Around Software Transformation. 51–56.
[110]
Leonardo R. Rodrigues, Marcelo Pasin, Omir C. Alves, Charles C. Miers, Mauricio A. Pillon, Pascal Felber, and Guilherme P. Koslovski. 2019. Network-aware container scheduling in multi-tenant data center. In Proceedings of the 2019 IEEE Global Communications Conference (GLOBECOM). 1–6. DOI:
[111]
Leonardo Rosa Rodrigues, Guilherme Piêgas Koslovski, Marcelo Pasin, Maurício Aronne Pillon, Omir Correia Alves, and Charles Christian Miers. 2021. Time-constrained and network-aware containers scheduling in GPU era. Future Generation Computer Systems 117 (2021), 72–86. DOI:
[112]
Bowen Ruan, Hang Huang, Song Wu, and Hai Jin. 2016. A performance study of containers in cloud environment. Advances in Services Computing. Springer International Publishing, Cham, 343–356.
[113]
Mufeed Ahmed Naji Saif, Abhinava Karantha, S. K. Niranjan, and Belal Abdullah Hezam Murshed. 2022. Multi objective resource scheduling for cloud environment using ant colony optimization algorithm. Journal of Algebraic Statistics 13, 3 (2022), 2798–2809.
[114]
A. Sergeev, E. Rezedinova, and A. Khakhina. 2022. Stress testing of Docker containers running on a windows operating system. Journal of Physics: Conference Series, IOP Publishing 2339, 1 (2022), 012010.
[115]
Zhenwu Shi, Chenming Jiang, Landu Jiang, and Xue Liu. 2021. HPKS: High performance Kubernetes scheduling for dynamic blockchain workloads in cloud computing. In Proceedings of the 2021 IEEE 14th International Conference on Cloud Computing (CLOUD). 456–466.
[116]
Rui Shu, Xiaohui Gu, and William Enck. 2017. A study of security vulnerabilities on Docker Hub. In Proceedings of the 7th ACM Conference on Data and Application Security and Privacy (CODASPY ’17). Association for Computing Machinery, New York, NY, USA, 269–280. DOI:
[117]
Shengbo Song, Lelai Deng, Jun Gong, and Hanmei Luo. 2018. Gaia scheduler: A Kubernetes-based scheduler framework. In Proceedings of the 2018 IEEE International Conference on Parallel & Distributed Processing with Applications, Ubiquitous Computing & Communications, Big Data & Cloud Computing, Social Computing & Networking, Sustainable Computing & Communications (ISPA/IUCC/BDCloud/SocialCom/SustainC). 252–259.
[118]
Sari Sultan, Imtiaz Ahmad, and Tassos Dimitriou. 2019. Container security: Issues, challenges, and the road ahead. IEEE Access 7 (2019), 52976–52996. DOI:
[119]
Byungchul Tak, Hyekyung Kim, Sahil Suneja, Canturk Isci, and Prabhakar Kudva. 2018. Security analysis of container images using cloud analytics framework. In Web Services – ICWS 2018. Springer International Publishing, Cham, 116–133.
[120]
Boxiong Tan, Hui Ma, and Yi Mei. 2018. A genetic programming hyper-heuristic approach for online resource allocation in container-based clouds. In AI 2018: Advances in Artificial Intelligence. Springer International Publishing, Cham, 146–152.
[121]
Boxiong Tan, Hui Ma, and Yi Mei. 2019. Novel genetic algorithm with dual chromosome representation for resource allocation in container-based clouds. In Proceedings of the 2019 IEEE 12th International Conference on Cloud Computing (CLOUD). 452–456.
[122]
Boxiong Tan, Hui Ma, and Yi Mei. 2019. A hybrid genetic programming hyper-heuristic approach for online two-level resource allocation in container-based clouds. In Proceedings of the 2019 IEEE Congress on Evolutionary Computation (CEC). 2681–2688. DOI:
[123]
Boxiong Tan, Hui Ma, and Yi Mei. 2020. A NSGA-II-based approach for multi-objective micro-service allocation in container-based clouds. In Proceedings of the 2020 20th IEEE/ACM International Symposium on Cluster, Cloud and Internet Computing (CCGRID). 282–289. DOI:
[124]
Boxiong Tan, Hui Ma, Yi Mei, and Mengjie Zhang. 2020. A cooperative coevolution genetic programming hyper-heuristic approach for on-line resource allocation in container-based clouds. IEEE Transactions on Cloud Computing 10, 3 (2020), 1500--1514. DOI:
[125]
Ye Tao, Xiaodong Wang, Xiaowei Xu, and Yinong Chen. 2017. Dynamic resource allocation algorithm for container-based service computing. In Proceedings of the 2017 IEEE 13th International Symposium on Autonomous Decentralized System (ISADS). 61–67. DOI:
[126]
Jörg Thalheim, Pramod Bhatotia, Pedro Fonseca, and Baris Kasikci. 2018. Cntr: Lightweight containers. In Proceedings of the 2018 USENIX Annual Technical Conference (USENIX ATC ’18). 199–212.
[127]
Aparna Tomar, Diksha Jeena, Preeti Mishra, and Rahul Bisht. 2020. Docker security: A threat model, attack taxonomy and real-time attack scenario of DoS. In Proceedings of the 2020 10th International Conference on Cloud Computing, Data Science Engineering (Confluence). 150–155. DOI:
[128]
Olufogorehan Tunde-Onadele, Jingzhu He, Ting Dai, and Xiaohui Gu. 2019. A study on container vulnerability exploit detection. In Proceedings of the 2019 IEEE International Conference on Cloud Engineering (IC2E ’19). 121–127. DOI:
[129]
Xili Wan, Xinjie Guan, Tianjing Wang, Guangwei Bai, and Baek-Yong Choi. 2018. Application deployment using Microservice and Docker containers: Framework and optimization. Journal of Network and Computer Applications 119 (2018), 97–109. DOI:
[130]
Bo Wang, Ying Song, Xiao Cui, and Jie Cao. 2017. Performance comparison between hypervisor- and container-based virtualizations for cloud users. In Proceedings of the 2017 4th International Conference on Systems and Informatics (ICSAI ’17). 684–689. DOI:
[131]
Yulong Wang, Qixu Wang, Xingshu Chen, Dajiang Chen, Xiaojie Fang, Mingyong Yin, and Ning Zhang. 2022. ContainerGuard: A real-time attack detection system in container-based big data platform. IEEE Transactions on Industrial Informatics 18, 5 (2022), 3327–3336. DOI:
[132]
Yulong Wang, Qixu Wang, Xue Qin, Xingshu Chen, Bangzhou Xin, and Run Yang. 2023. DockerWatch: A two-phase hybrid detection of malware using various static features in container cloud. Soft Computing 27, 2 (2023), 1015--1031.
[133]
Ye Wu and Haopeng Chen. 2017. ABP scheduler: Speeding up service spread in Docker Swarm. In Proceedings of the 2017 IEEE International Symposium on Parallel and Distributed Processing with Applications and 2017 IEEE International Conference on Ubiquitous Computing and Communications (ISPA/IUCC). 691–698.
[134]
Yiwen Wu. 2020. Exploring the relationship between Dockerfile quality and project characteristics. In Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering: Companion Proceedings. 128–130.
[135]
Yiwen Wu, Yang Zhang, Tao Wang, and Huaimin Wang. 2020. Characterizing the occurrence of Dockerfile smells in open-source software: An empirical study. IEEE Access 8, (2020), 34127–34139. DOI:
[136]
Xiaojing Xie and Shyam S. Govardhan. 2020. A service mesh-based load balancing and task scheduling system for deep learning applications. In Proceedings of the 2020 20th IEEE/ACM International Symposium on Cluster, Cloud and Internet Computing (CCGRID). 843–849. DOI:
[137]
Jiwei Xu, Yuewen Wu, Zhigang Lu, and Tao Wang. 2019. Dockerfile TF smell detection based on dynamic and static analysis methods. In Proceedings of the 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC). 185–190.
[138]
Kejiang Ye, Yanmin Kou, Chengzhi Lu, Yang Wang, and Cheng-Zhong Xu. 2018. Modeling application performance in Docker containers using machine learning techniques. In Proceedings of the 2018 IEEE 24th International Conference on Parallel and Distributed Systems (ICPADS). 1–6. DOI:
[139]
Kang Yin, Wei Chen, Jiahong Zhou, Guoquan Wu, and Jun Wei. 2018. STAR: A specialized tagging approach for Docker repositories. In Proceedings of the 2018 25th Asia-Pacific Software Engineering Conference (APSEC). 426–435.
[140]
Kang Yin, Jiahong Zhou, Wei Chen, Guoquan Wu, Jiaxin Zhu, and Jun Wei. 2018. D-Tagger: A tag recommendation approach for Docker repositories. In Proceedings of the 10th Asia-Pacific Symposium on Internetware. 1–10.
[141]
Takeshi Yoshimura, Rina Nakazawa, and Tatsuhiro Chiba. 2020. ImageJockey: A framework for container performance engineering. In Proceedings of the 2020 IEEE 13th International Conference on Cloud Computing (CLOUD). 238–247. DOI:
[142]
Ahmed Zerouali, Valerio Cosentino, Tom Mens, Gregorio Robles, and Jesus M. Gonzalez-Barahona. 2019. On the impact of outdated and vulnerable Javascript packages in Docker images. In Proceedings of the 2019 IEEE 26th International Conference on Software Analysis, Evolution and Reengineering (SANER). 619–623. DOI:
[143]
Ahmed Zerouali, Valerio Cosentino, Gregorio Robles, Jesus M. Gonzalez-Barahona, and Tom Mens. 2019. ConPan: A tool to analyze packages in software containers. In Proceedings of the 2019 IEEE/ACM 16th International Conference on Mining Software Repositories (MSR). 592–596. DOI:
[144]
Ahmed Zerouali, Tom Mens, and Coen de Roover. 2021. On the usage of JavaScript, Python and Ruby packages in Docker Hub images. Science of Computer Programming 207 (2021), 102653. DOI:
[145]
Dong Zhang, Bing-Heng Yan, Zhen Feng, Chi Zhang, and Yu-Xin Wang. 2017. Container oriented job scheduling using linear programming model. In Proceedings of the 2017 3rd International Conference on Information Management (ICIM). 174–180. DOI:
[146]
Lu Zhang, Reginald Cushing, Cees de Laat, and Paola Grosso. 2021. A real-time intrusion detection system based on OC-SVM for containerized applications. In Proceedings of the 2021 IEEE 24th International Conference on Computational Science and Engineering (CSE). 138–145. DOI:
[147]
Qi Zhang, Ling Liu, Calton Pu, Qiwei Dou, Liren Wu, and Wei Zhou. 2018. A comparative study of containers and virtual machines in big data environment. In Proceedings of the 2018 IEEE 11th International Conference on Cloud Computing (CLOUD). 178–185. DOI:
[148]
Rong Zhang, Yaxing Chen, Bo Dong, Feng Tian, and Qinghua Zheng. 2019. A genetic algorithm-based energy-efficient container placement strategy in CaaS. IEEE Access 7 (2019), 121360–121373. DOI:
[149]
Rong Zhang, A-min Zhong, Bo Dong, Feng Tian, and Rui Li. 2018. Container-VM-PM architecture: A novel architecture for Docker container placement. Cloud Computing –CLOUD 2018. Springer International Publishing, Cham, 128–140.
[150]
Yang Zhang, Gang Yin, Tao Wang, Yue Yu, and Huaimin Wang. 2018. An insight into the impact of Dockerfile evolutionary trajectories on quality and latency. In Proceedings of the 2018 IEEE 42nd Annual Computer Software and Applications Conference (COMPSAC). 138–143.
[151]
Yan Zheng, Weiyu Dong, and Jiangtao Zhao. 2021. ZeroDVS: Traceability and security detection of container image based on inheritance graph. In Proceedings of the 2021 IEEE 5th International Conference on Cryptography, Security and Privacy (CSP). 186–192. DOI:
[152]
Jiahong Zhou, Wei Chen, Guoquan Wu, and Jun Wei. 2019. SemiTagRec: A semi-supervised learning based tag recommendation approach for Docker repositories. In Proceedings of the International Conference on Software and Systems Reuse. 132–148.
[153]
Ruiting Zhou, Zongpeng Li, and Chuan Wu. 2018. Scheduling frameworks for cloud container services. IEEE/ACM Transactions on Networking 26, 1 (2018), 436–450. DOI:
[154]
Documentation · Wiki · AppArmor /apparmor · GitLab. Retrieved April 12, 2022 from https://gitlab.com/apparmor/apparmor/-/wikis/Documentation
[155]
Container Vulnerability Scanning • Anchore. Retrieved April 12, 2022 from https://anchore.com/container-vulnerability-scanning
[156]
MicroScanner: New Free Image Vulnerability Scanner for Developers - Aqua. Retrieved April 12, 2022 from https://www.aquasec.com/news/microscanner-new-free-image-vulnerability-scanner-for-developers/
[157]
Docker Image/Container Security Scan with Clair — Installation | by Kinjal Rathod | System Weakness. Retrieved April 12, 2022 from https://systemweakness.com/docker-image-container-security-scan-with-clair-installation-355f80201ef5
[158]
Cilium - Linux Native, API-Aware Networking and Security for Containers. Retrieved April 12, 2022 from https://cilium.io/
[159]
y-cruncher – A Multi-Threaded Pi Program. Retrieved April 13, 2022 from http://www.numberworld.org/y-cruncher/
[160]
NBench - Wikipedia. Retrieved April 13, 2022 from https://en.wikipedia.org/wiki/NBench
[161]
LINPACK. Retrieved April 13, 2022 from http://www.netlib.org/linpack/
[162]
The noploop CPU Benchmark. Retrieved April 13, 2022 from https://www.brendangregg.com/blog/2014-04-26/the-noploop-cpu-benchmark.html
[163]
Parallel BZIP2 (PBZIP2). Retrieved April 13, 2022 from http://compression.ca/pbzip2/
[164]
Geekbench 5 - Cross-Platform Benchmark. Retrieved April 13, 2022 from https://www.geekbench.com/
[165]
Sysbench - Gentoo Wiki. Retrieved April 13, 2022 from https://wiki.gentoo.org/wiki/Sysbench#Using_the_CPU_workload
[166]
SPEC CPU®. (2006). Retrieved April 13, 2022 from https://www.spec.org/cpu2006/
[167]
STREAM Benchmark - AMD. Retrieved April 13, 2022 from https://developer.amd.com/spack/stream-benchmark/
[168]
GitHub - cruvolo/ramspeed-smp: RAMspeed/SMP, a Cache and Memory Benchmarking Tool. Retrieved April 13, 2022 from https://github.com/cruvolo/ramspeed-smp
[169]
Iozone Filesystem Benchmark. (2016). Retrieved April 13, 2022 from https://www.iozone.org/
[170]
dbench. Retrieved April 13, 2022 from https://dbench.samba.org/doc/dbench.1.html
[171]
Bonnie++ - Wikipedia. Retrieved April 13, 2022 from https://en.wikipedia.org/wiki/Bonnie%2B%2B
[172]
1. fio - Flexible I/O tester rev. 3.27 — fio 3.27-169-g1953e1-dirty Documentation. Retrieved April 13, 2022 from https://fio.readthedocs.io/en/latest/fio_doc.html
[173]
netpipe_web. Retrieved April 13, 2022 from https://netpipe.cs.ksu.edu/
[174]
iPerf - The TCP, UDP and SCTP Network Bandwidth Measurement Tool. Retrieved April 13, 2022 from https://iperf.fr/
[175]
netperf - Networking Benchmark Software – LinuxLinks. Retrieved April 13, 2022 from https://www.linuxlinks.com/netperf/
[176]
Container Monitoring Tools | Sematext. Retrieved April 13, 2022 from https://sematext.com/container-monitoring/
[177]
docker stats | Docker Documentation. Retrieved April 13, 2022 from https://docs.docker.com/engine/reference/commandline/stats/
[178]
Sensu Plugins. Retrieved April 13, 2022 from https://sensu-plugins.io/
[179]
Cloud Native & Secure DevOps Platform | Sysdig. Retrieved April 13, 2022 from https://sysdig.com/platform-architecture/
[180]
Overview | Prometheus. Retrieved April 13, 2022 from https://prometheus.io/docs/introduction/overview/
[181]
Monitoring Docker Container Metrics using cAdvisor | Prometheus. Retrieved April 13, 2022 from https://prometheus.io/docs/guides/cadvisor/
[182]
Container Monitoring | Datadog. Retrieved April 13, 2022 from https://www.datadoghq.com/product/container-monitoring/
[183]
Container Monitoring: Essential Tools + Best Practices | Scout APM Blog. Retrieved April 13, 2022 from https://scoutapm.com/blog/container-monitoring
[184]
Container monitoring | Dynatrace. Retrieved April 13, 2022 from https://www.dynatrace.com/solutions/container-monitoring/
[185]
Container Monitoring Tool – Monitor Docker Containers | AppOptics. Retrieved April 13, 2022 from https://www.appoptics.com/use-cases/container-monitoring
[186]
Welcome Page. Retrieved April 13, 2022 from https://www.nuttcp.net/Welcome%20Page.html
Index Terms
- A Systematic Literature Review on Maintenance of Software Containers
Recommendations
Combining containers and virtual machines to enhance isolation and extend functionality on cloud computing
AbstractVirtualization technology is the underlying element of cloud computing. Traditionally, cloud computing has employed virtual machines to distribute available resources and provide isolated environments among users. Multiple virtual ...
Highlights- We study the combination of virtual machines and containers in the cloud.
- The ...
State machine replication in containers managed by Kubernetes
Computer virtualization brought fast resource provisioning to data centers and the deployment of pay-per-use cost models. The system virtualization provided by containers like Docker has improved this flexibility of resource provisioning. Applications ...
Comparing the performance between Virtual Machines and Containers using deep learning credit models
icARTi '21: Proceedings of the International Conference on Artificial Intelligence and its ApplicationsThe cloud computing paradigm utilizes neutralization to isolate data, workloads and network bandwidth in an elastic mode. The providers hence have historically used Virtual Machines (VM) to perform this workload isolation. However these virtual machines ...
Comments
Information & Contributors
Information
Published In
August 2024
963 pages
ISSN:0360-0300
EISSN:1557-7341
DOI:10.1145/3613627
- Editors:
- David Atienza,
- Michela Milano
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 10 April 2024
Online AM: 10 February 2024
Accepted: 31 January 2024
Revised: 03 November 2023
Received: 25 December 2022
Published in CSUR Volume 56, Issue 8
Check for updates
Author Tags
Qualifiers
- Survey
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 545Total Downloads
- Downloads (Last 12 months)545
- Downloads (Last 6 weeks)84
Reflects downloads up to 26 Jul 2024
Other Metrics
Citations
View Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in