scispace - formally typeset
Search or ask a question
Journal ArticleDOI

Cloud Container Technologies: A State-of-the-Art Review

TL;DR: A discussion of agreed and emerging concerns in the container orchestration space is discussed, positioning it within the cloud context, but also moving it closer to current concerns in cloud platforms, microservices and continuous development.
Abstract: Containers as a lightweight technology to virtualise applications have recently been successful, particularly to manage applications in the cloud. Often, the management of clusters of containers becomes essential and the orchestration of the construction and deployment becomes a central problem. This emerging topic has been taken up by researchers, but there is currently no secondary study to consolidate this research. We aim to identify, taxonomically classify and systematically compare the existing research body on containers and their orchestration and specifically the application of this technology in the cloud. We have conducted a systematic mapping study of 46 selected studies. We classified and compared the selected studies based on a characterisation framework. This results in a discussion of agreed and emerging concerns in the container orchestration space, positioning it within the cloud context, but also moving it closer to current concerns in cloud platforms, microservices and continuous development.
Citations
More filters
Journal ArticleDOI
TL;DR: This work systematically analyzes the industrial grey literature on microservices, to identify the technical/operational pains and gains of the microservice-based architectural style.

247 citations

Proceedings ArticleDOI
01 Jan 2018
TL;DR: It is concluded that different architecture patterns emerge for different migration, orchestration, storage and deployment settings for a set of agreed principles.
Abstract: Microservices is an architectural style increasing in popularity. However, there is still a lack of understanding how to adopt a microservice-based architectural style. We aim at characterizing different microservice architectural style patterns and the principles that guide their definition. We conducted a systematic mapping study in order to identify reported usage of microservices and based on these use cases extract common patterns and principles. We present two key contributions. Firstly, we identified several agreed microservice architecture patterns that seem widely adopted and reported in the case studies identified. Secondly, we presented these as a catalogue in a common template format including a summary of the advantages, disadvantages, and lessons learned for each pattern from the case studies. We can conclude that different architecture patterns emerge for different migration, orchestration, storage and deployment settings for a set of agreed principles.

145 citations

Journal ArticleDOI
TL;DR: This paper has derived four generalized use cases that should cover security requirements within the host-container threat landscape and hopes that this analysis will help researchers understand container security requirements and obtain a clearer picture of possible vulnerabilities and attacks.
Abstract: Containers emerged as a lightweight alternative to virtual machines (VMs) that offer better microservice architecture support. The value of the container market is expected to reach $2.7 billion in 2020 as compared to $762 million in 2016. Although they are considered the standardized method for microservices deployment, playing an important role in cloud computing emerging fields such as service meshes, market surveys show that container security is the main concern and adoption barrier for many companies. In this paper, we survey the literature on container security and solutions. We have derived four generalized use cases that should cover security requirements within the host-container threat landscape. The use cases include: (I) protecting a container from applications inside it, (II) inter-container protection, (III) protecting the host from containers, and (IV) protecting containers from a malicious or semi-honest host. We found that the first three use cases utilize a software-based solutions that mainly rely on Linux kernel features (e.g., namespaces, CGroups, capabilities, and seccomp) and Linux security modules (e.g., AppArmor). The last use case relies on hardware-based solutions such as trusted platform modules (TPMs) and trusted platform support (e.g., Intel SGX). We hope that our analysis will help researchers understand container security requirements and obtain a clearer picture of possible vulnerabilities and attacks. Finally, we highlight open research problems and future research directions that may spawn further research in this area.

121 citations


Cites background from "Cloud Container Technologies: A Sta..."

  • ...OPEN ISSUES AND FUTURE RESEARCH DIRECTIONS Research on container technologies is still in a formative stage and needs more experimental evaluation [113]....

    [...]

Journal ArticleDOI
TL;DR: The building blocks of an architectural style for cloud-based software systems are discussed and style-defining architectural principles and patterns for control-theoretic, model-based architectures for cloud software are captured.
Abstract: A cloud is a distributed Internet-based software system providing resources as tiered services. Through service-orientation and virtualization for resource provisioning, cloud applications can be deployed and managed dynamically. We discuss the building blocks of an architectural style for cloud-based software systems. We capture style-defining architectural principles and patterns for control-theoretic, model-based architectures for cloud software. While service orientation is agreed on in the form of service-oriented architecture and microservices, challenges resulting from multi-tiered, distributed and heterogeneous cloud architectures cause uncertainty that has not been sufficiently addressed. We define principles and patterns needed for effective development and operation of adaptive cloud-native systems.

95 citations


Cites background or methods from "Cloud Container Technologies: A Sta..."

  • ...…need to have a representation at runtime to allow self-adaptive systems to interact with the environment, i.e., “self-reflect” through models that link in the decision-making process necessary to change the underlying system (Baresi and Ghezzi 2013; Ghezzi et al. 2013; Pahl et al. 2017b)....

    [...]

  • ...DevOps provides this link from software development to technology operations and quality management; container technology and cloud-native services provide cloud-based virtualization and implementation support (Pautasso et al. 2017; Pahl et al. 2017a)....

    [...]

Journal ArticleDOI
TL;DR: How smart contracts can be maliciously exploited and targeted is focused on, such as security issues of contract program model, vulnerabilities in the program and safety consideration introduced by program execution environment.
Abstract: Blockchain has recently emerged as a research trend, with potential applications in a broad range of industries and context. One particular successful Blockchain technology is smart contract, which is widely used in commercial settings (e.g., high value financial transactions). This, however, has security implications due to the potential to financially benefit from a security incident (e.g., identification and exploitation of a vulnerability in the smart contract or its implementation). Among, Ethereum is the most active and arresting. Hence, in this paper, we systematically review existing research efforts on Ethereum smart contract security, published between 2015 and 2019. Specifically, we focus on how smart contracts can be maliciously exploited and targeted, such as security issues of contract program model, vulnerabilities in the program and safety consideration introduced by program execution environment. We also identify potential research opportunities and future research agenda.

83 citations

References
More filters
ReportDOI
28 Sep 2011
TL;DR: This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models.
Abstract: Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models.

15,145 citations


"Cloud Container Technologies: A Sta..." refers methods in this paper

  • ...The cloud uses virtualisation techniques to achieve elasticity of large-scale shared resources [12]....

    [...]

Journal ArticleDOI
TL;DR: The series of cost estimation SLRs demonstrate the potential value of EBSE for synthesising evidence and making it available to practitioners and European researchers appear to be the leading exponents of systematic literature reviews.
Abstract: Background: In 2004 the concept of evidence-based software engineering (EBSE) was introduced at the ICSE04 conference. Aims: This study assesses the impact of systematic literature reviews (SLRs) which are the recommended EBSE method for aggregating evidence. Method: We used the standard systematic literature review method employing a manual search of 10 journals and 4 conference proceedings. Results: Of 20 relevant studies, eight addressed research trends rather than technique evaluation. Seven SLRs addressed cost estimation. The quality of SLRs was fair with only three scoring less than 2 out of 4. Conclusions: Currently, the topic areas covered by SLRs are limited. European researchers, particularly those at the Simula Laboratory appear to be the leading exponents of systematic literature reviews. The series of cost estimation SLRs demonstrate the potential value of EBSE for synthesising evidence and making it available to practitioners.

2,843 citations


"Cloud Container Technologies: A Sta..." refers background or methods in this paper

  • ...Secondary studies identify, classify and synthesise a comparative overview of state-of-the-research and enable an assessment of ongoing work [7], [15]....

    [...]

  • ...We can also clarify the general goal and scope of the study using the Population, Intervention, Comparison, Outcome (PICO) criteria [7]: Define and Evaluate Review Protocol....

    [...]

Proceedings ArticleDOI
26 Jun 2008
TL;DR: This work describes how to conduct a systematic mapping study in software engineering and provides guidelines for conducting systematic maps, and compares systematic maps with systematic reviews by systematically analyzing existing systematic reviews.
Abstract: BACKGROUND: A software engineering systematic map is a defined method to build a classification scheme and structure a software engineering field of interest. The analysis of results focuses on frequencies of publications for categories within the scheme. Thereby, the coverage of the research field can be determined. Different facets of the scheme can also be combined to answer more specific research questions. OBJECTIVE: We describe how to conduct a systematic mapping study in software engineering and provide guidelines. We also compare systematic maps and systematic reviews to clarify how to chose between them. This comparison leads to a set of guidelines for systematic maps. METHOD: We have defined a systematic mapping process and applied it to complete a systematic mapping study. Furthermore, we compare systematic maps with systematic reviews by systematically analyzing existing systematic reviews. RESULTS: We describe a process for software engineering systematic mapping studies and compare it to systematic reviews. Based on this, guidelines for conducting systematic maps are defined. CONCLUSIONS: Systematic maps and reviews are different in terms of goals, breadth, validity issues and implications. Thus, they should be used complementarily and require different methods (e.g., for analysis).

2,486 citations

Proceedings ArticleDOI
29 Mar 2015
TL;DR: This paper explores the performance of traditional virtual machine (VM) deployments, and contrast them with the use of Linux containers, using KVM as a representative hypervisor and Docker as a container manager.
Abstract: Cloud computing makes extensive use of virtual machines because they permit workloads to be isolated from one another and for the resource usage to be somewhat controlled. In this paper, we explore the performance of traditional virtual machine (VM) deployments, and contrast them with the use of Linux containers. We use KVM as a representative hypervisor and Docker as a container manager. Our results show that containers result in equal or better performance than VMs in almost all cases. Both VMs and containers require tuning to support I/Ointensive applications. We also discuss the implications of our performance results for future cloud architectures.

1,065 citations


"Cloud Container Technologies: A Sta..." refers background in this paper

  • ...Many of them also address virtual machines and compare how containers perform due to having a lighter virtualisation approach [2], [3]....

    [...]

Journal ArticleDOI
01 Jul 2013
TL;DR: In this article, the authors conducted a systematic literature review (SLR) of 23 selected studies, published from 2010 to 2013, to identify, taxonomically classify, and systematically compare existing research on cloud migration.
Abstract: Background--By leveraging cloud services, organizations can deploy their software systems over a pool of resources. However, organizations heavily depend on their business-critical systems, which have been developed over long periods. These legacy applications are usually deployed on-premise. In recent years, research in cloud migration has been carried out. However, there is no secondary study to consolidate this research. Objective--This paper aims to identify, taxonomically classify, and systematically compare existing research on cloud migration. Method--We conducted a systematic literature review (SLR) of 23 selected studies, published from 2010 to 2013. We classified and compared the selected studies based on a characterization framework that we also introduce in this paper. Results--The research synthesis results in a knowledge base of current solutions for legacy-to-cloud migration. This review also identifies research gaps and directions for future research. Conclusion--This review reveals that cloud migration research is still in early stages of maturity, but is advancing. It identifies the needs for a migration framework to help improving the maturity level and consequently trust into cloud migration. This review shows a lack of tool support to automate migration tasks. This study also identifies needs for architectural adaptation and self-adaptive cloud-enabled systems.

347 citations