Application partitioning in a multi-tenant platform-as-a-service environment in a cloud computing system

摘要

A mechanism for application partitioning in a multi-tenant PaaS environment in a cloud computing system is disclosed. A method of embodiments includes receiving, by a virtual machine (VM), a request to initialize a container on the VM, the container comprising a resource-constrained space of the VM to execute functionality of an application of a multi-tenant PaaS system. The method also includes assigning a user identification (UID) and non-volatile resources to the container, wherein the UID and non-volatile resources are part of a subset of UIDs and a subset of non-volatile resources allotted to the VM from a range of UIDs and a range of non-volatile resources associated with a district of the VM, and wherein other VMs in the district are not allotted the same subset of UIDs from the range of UIDs or the same subset of non-volatile resources from the range of non-volatile resources.

主权项

1. A method, comprising:
receiving, by a virtual machine (VM) executed by a processing device, a request to initialize a container on the VM, the container comprising a resource-constrained space of the VM to execute functionality of an application of a multi-tenant Platform-as-a-Service (PaaS) system; assigning, by the VM, a user identification (UID) to the container, wherein the UID is part of a subset of UIDs allotted to the VM from a range of UIDs associated with a district of the VM, and wherein other VMs in the district are not allotted the same subset of UIDs from the range of UIDs; assigning, by the VM, non-volatile resources to the container, the assigned non-volatile resources associated with the UID of the container and part of a subset of non-volatile resources allotted to the VM from a range of non-volatile resources used by the district, wherein other VMs in the district are not allotted the same subset of non-volatile resources from the range of non-volatile resources; and executing, by the VM, functionality of a first application of the multi-tenant PaaS in the container, wherein the VM comprises other containers executing functionality of other applications having different owners than the application.