Techniques and Tools for De-bloating Containers

Abstract

Our goal is to develop a suite of automated and semi-automated tools for debloating future cloudcomputing systemsthat use containers (such as Docker). This includes (a) creating a slimmed-down version of the container that executesonly one simple application tas"k, and packs only as many resources as needed to fulfill its functionality requirementand (b) debloats the underlying operating sys"tem so that only components/services that are necessary for the reducedcontainers are retained. The entire goal of the project alig"ns with TA2, but some proposed tasks also align with otherTAs. For example, resource analysis and execution slicing also align with" TA5.Debloating will be supported by a variety of tools for untangling and simplifying applications that address the following:Debloating of containers to make containers slimmer and also provide better isolation. Debloating of executables withincontainers using methods like partial evaluation and slicing of executables. Reducing OS kernels to eliminateredundant services/modules.

Document Details

Document Type
DoD Grant Award
Publication Date
Sep 29, 2017
Source ID
N000141712889

Entities

People

  • Somesh Jha

Organizations

  • Office of Naval Research
  • United States Navy
  • University of Wisconsin System

Tags

Fields of Study

  • Computer science
  • Engineering

Readers

  • Distributed Systems and Data Platform Development
  • Enterprise Information Systems Architecture and Joint Command Capability Interoperability Support.
  • Military Logistics and Supply Chain Management