The Lessons from the overuse of multitenancy – quotas and reservations:

The computing power and storage matters to the users more than how it is provisioned and where. The ease of requesting the compute, the cleanliness of instantiating and deleting the associated resource, the ability to migrate applications and services far outweigh any consideration of the vendor or the mechanism just so long as the performance, security and costs are comparable.

One of the classic indicators of overengineering is when there are many dials and knobs. There are two specific problems with these. First, it is an enormous burden for the users to figure out when and how to tune them optimally. Second, it increases the chance of oversight, improper use, and mistakes.

Consider the case brought forward by Alphonse Chapanis, a US Army Air Force aero medical lab psychologist who interviewed many pilots of the B-16 ‘Flying fortress’ bomber aircraft and were distressed to have landed a perfectly good plane after their mission only to see it suffer damage on stopping slowly. He determined that the pilots could not distinguish between the switches between the flaps and the landing gear that were co-located and retracted the landing gear when they meant to retract the flaps causing a nosedive and damage to the wings, propeller, and the underside of the aircraft. This incident review resulted in the switches having the landing wheel and wing flap design introduced to tell them apart and even to place them on opposite sides of the controller box. The savings from the prevented aircraft loss thereafter are a testament to the proper placement and use of controls.

Containers are governed by the quotas and limits of the underlying system to manage the shared resources. Solaris introduced partitions for different flavors, quotas and limits for file-systems and soon applications would start failing in one partition because they didn't have enough resources on this as they earlier had on the undivided host. One of the reasons Solaris zones suffered from application migration considerations from the operating system consumers is that they kept running into application failures due to limits. Both Linux containers and Solaris zones must be understood as operating system features and not as standalone products for virtualization technologies.

Linux containers have the advantage that they provide the same environment without the overhead of a separate kernel and hardware. This translates to lightning-fast availability of an isolated shell as well as their reduction of failure points. The hardware is not necessarily partitioned per virtual machine and the separation of kernel does play significantly in terms of performance because the emulation is different from the real especially when compared to a standalone and dedicated instance.

 Quotas often cause resource starvation and non-deterministic behavior of otherwise sound applications. Soft limits complicate the matter even further. This calls for a judicious use of leveraging multitenancy.