�ݺ�ߣ

Openlab
Automated testing and evaluation platform of the source code from
assignments
Mihai Iachimovschi
iachimih@ﬁt.cvut.cz
February 24, 2015
Mihai Iachimovschi iachimih@ﬁt.cvut.cz Openlab February 24, 2015 1 / 19

Problem description
Students have a lot of assignments which are veriﬁed and
evaluated in a classical manner.

Problem description (cont.)
The process of veriﬁcation is very time consuming and ineﬃcient
for the professor

Perfect solution
Building a platform that will:
• Keep track of all assignments;

Perfect solution
• Track deadlines for assignments;

Perfect solution
• Accept assignments submissions;

Perfect solution
• Test automatically the submissions;

Perfect solution
• Test automatically the submissions;
• Evaluate students based on predeﬁned tests;

Advantages
Having such a system will oﬀer us features like:
• Penalization for late submissions;

Advantages
• Rewards for early submissions;

Advantages
• Saving time of professors and students;

Advantages
• Motivating competition between students;

Advantages
• Motivating competition between students;
• Helping professor to focus on teaching rather than verifying;

Constraints
The threats that can tangle:
• Security:
A user is able to submit malicious code to the server;

Constraints
The threats that can tangle:
• Security:
A user is able to submit malicious code to the server;
• Computing power:
Multiple users can submit unoptimized code that can be overloading
the server;

A possible solution
Isolation?

A possible solution (cont.)
But how to isolate properly?

FreeBSD Jails?
FreeBSD jail?

FreeBSD Jails?
FreeBSD jail? No.

FreeBSD Jails?
FreeBSD jail? No.
Reasons:
• Quite old;
• Tightly tied to FreeBSD operating system;
• Limited in functionality;

Virtualization
Classical virtualization?

Virtualization
Classical virtualization? Maybe, but no.

Virtualization
Classical virtualization? Maybe, but no.
Reasons:
• Too much overhead by virtualizing the hardware;
• Each virtual instance should have its own OS;
• Less eﬃcient for our use case;

Containerization
Containerization?

Containerization
Containerization? Deﬁnitely yes.

Containerization
Containerization? Deﬁnitely yes.
Reasons:
• Kernel level isolation;
• Secure;
• Highly reliable;

Virtualization vs. Containerization

What is a container?
A container combines two things:
• cgroups
• namespaces

Linux cgroups
cgroups represent:
• Group of processes;
• Can be nested;
• Limits and isolates:
– CPU;
– Memory;
– Disk I/O;
– Network, etc;

Linux namespaces
namespaces restrict your view of the system:
• Mounts (CLONE NEWNS);
• UTS (CLONE NEWUTS);
• IPC (CLONE NEWIPC);
• PID (CLONE NEWPID);
• Networks (CLONE NEWNET);
• User (CLONE NEWUSER);

Docker
For our system we will use Docker containers.

Docker in a docker

Docker - multiple applications
This is how docker can execute multiple, completely isolated
applications.

End
Thank you.

�ݺ�ߣ

Openlab

More Related Content

Openlab