
Comparing Triton containers to VMs and bare metal servers - xj9
https://www.joyent.com/blog/understanding-triton-containers
======
johannesboyne
[https://www.youtube.com/watch?v=Ll50EFquwSo](https://www.youtube.com/watch?v=Ll50EFquwSo)
Building and scaling container driven cloud infrastructure - Bryan Cantrill
(Video about Triton)

------
mwcampbell
I've been watching Joyent with interest for a while now, but I don't think I
or my employer will be using their public cloud any time soon. Frankly, the
pricing standard set by DigitalOcean a couple of years ago, and since followed
by Linode (my and my employer's current favorite) and Vultr, is pretty hard to
beat. I don't know how I'd justify 2x the price (not even counting bandwidth)
when the performance of Linode is good enough. So I'll just continue to watch
with interest. Now that SmartDataCenter is open source, maybe someone else
will set up an SDC cloud with pricing that's competitive with DigitalOcean and
the like. That would suck for Joyent though, so I shouldn't really wish for
it.

------
logicallee
There are about 60 mentions of the word "container" on that page, including a
full chart of questions "Compared to Docker in a VM", such as "Where are
containers run"?

But the real question that should be at the top of the file, or at least that
table of questions, is "what is a container"?

So: what is a container? (As opposed to a VM.)

~~~
dmpk2k
A container is a chroot jail on steroids. A VM is a QEMU process (also in a
container).

~~~
logicallee
How can you run a totally different architecture from just a chroot jail? It
doesn't make sense. How are you "on the metal" if you're running some totally
different kernel from what the chroot-jail-host is running? You can't both be
running the kernel on the metal...

~~~
bahamat
It's not a different architecture. SmartOS is x86 based, as are the Linux
binaries.

What lx-brand zones do is present an alternate system call table to the
binaries executed inside the zone. Those "lx" calls are compatible with the
Linux system call table and get mapped and/or translated to illumos kernel
system calls. Binaries don't know the difference.

~~~
mrbill
So Triton is basically (simplifying) Solaris / SmartOS zones with the LX stuff
installed?

~~~
bahamat
It's that, plus cloud orchestration (i.e., SmartDataCenter) which includes
sdc-docker, providing the Docker API and image management.

------
gtirloni
_Containers hosting hardware virtual machines running Windows, FreeBSD, or
others_

Can't we just describe VMs as VMs and be done with it? So it's a container
that has a VM inside it?

~~~
jclulow
Yes, the QEMU process that underpins the hardware virtual machine lives within
a container on the host. It means that a vulnerability in QEMU that allows for
guest escape will land you in an otherwise empty container, rather than out on
the host where other tenants are accessible.

But Triton is first and foremost about _container-based_ virtualisation: which
involves no HVM at all!

~~~
gtirloni
Ah, that's something I hadn't considered. Good point. I guess the overhead
will be minimum in that scenario.

------
robbiet480
Surprising that Joyent used an extremely similar name to Amazon's extremely
similar product, EC2 Container Service (EC2 expands to Elastic Compute Cloud,
so the full name is Elastic Compute Cloud Container Service)

[http://aws.amazon.com/ecs/](http://aws.amazon.com/ecs/)

~~~
omarforgotpwd
The name is very similar but the products are not so similar -- ECS simply
schedules Docker containers across the virtual machines you already have
running on AWS. Triton schedules and runs containers on bare metal.
Virtualization of course has performance and I/O overhead.

------
kstenerud
Now if only they fully supported AMD CPUs...

~~~
bahamat
SmartOS runs just fine on AMD CPUs. KVM support for AMD hasn't been merged to
illumos-kvm yet (mostly just due to time), but you can do your own builds with
it ([https://github.com/jclulow/illumos-kvm/](https://github.com/jclulow/illumos-kvm/)).

But Triton containers don't run in KVM anyway. They run natively on the OS
with no VM. So you can download and run Triton on AMD today, just as you can
with Intel CPUs.

