IEICE Transactions on Information and Systems
Online ISSN : 1745-1361
Print ISSN : 0916-8532
Regular Section
Verikube: Automatic and Efficient Verification for Container Network Policies
Haney KANGSeungwon SHIN
Author information
Keywords: cloud, Linux Container, network verification, first-order logic, virtualization
JOURNAL FREE ACCESS

2022 Volume E105.D Issue 12 Pages 2131-2134

Details
Download PDF (566K)
Download citation RIS

(compatible with EndNote, Reference Manager, ProCite, RefWorks)

BIB TEX

(compatible with BibDesk, LaTeX)

Text
How to download citation
Contact us
Abstract

Recently, Linux Container has been the de-facto standard for a cloud system, enabling cloud providers to create a virtual environment in a much more scaled manner. However, configuring container networks remains immature and requires automatic verification for efficient cloud management. We propose Verikube, which utilizes a novel graph structure representing policies to reduce memory consumption and accelerate verification. Moreover, unlike existing works, Verikube is compatible with the complex semantics of Cilium Policy which a cloud adopts from its advantage of performance. Our evaluation results show that Verikube performs at least seven times better for memory efficiency, at least 1.5 times faster for data structure management, and 20K times better for verification.

Content from these authors
© 2022 The Institute of Electronics, Information and Communication Engineers
Previous article Next article
Favorites & Alerts

Recently viewed articles
Announcements from publisher
Share this page
feedback
 Top