Convincing argument, but unfortunately a cursory Google search will reveal he was right. There is very little CPU overhead. The only real consideration is a bite extra storage and RAM to store and load the redundant dependencies of the container.
You’re also ignoring the amount of work the kernel has to do to shift UUIDs around, the resources that the docker daemon itself uses and amounts of redundant stuff to make sure those processes are running that would usually be handled by systemd on a clean system. Yes, containerization is much better nowadays but still overhead.
Can’t comment much about the docker side since it’s not something I’m familiar with.
For the kernel part, assuming what you’re referring to as UUIDs is the pid namespace mechanism, I’m failing to see how that would add overhead with containers. The namespace lookups/permission checks are performed regardless of whether the process is in a container or not. There is no fast path for non-containerized processes. The worst overhead that this could add is probably one extra ptr chase in the namespace linked list.
bear@slrpnk.net 1 year ago
Convincing argument, but unfortunately a cursory Google search will reveal he was right. There is very little CPU overhead. The only real consideration is a bite extra storage and RAM to store and load the redundant dependencies of the container.
TCB13@lemmy.world 1 year ago
You’re also ignoring the amount of work the kernel has to do to shift UUIDs around, the resources that the docker daemon itself uses and amounts of redundant stuff to make sure those processes are running that would usually be handled by systemd on a clean system. Yes, containerization is much better nowadays but still overhead.
stardreamer@lemmy.blahaj.zone 1 year ago
Can’t comment much about the docker side since it’s not something I’m familiar with.
For the kernel part, assuming what you’re referring to as UUIDs is the pid namespace mechanism, I’m failing to see how that would add overhead with containers. The namespace lookups/permission checks are performed regardless of whether the process is in a container or not. There is no fast path for non-containerized processes. The worst overhead that this could add is probably one extra ptr chase in the namespace linked list.