CNTR + ExtFUSE Integration
Container Runtime Optimization with eBPF
Overview
This research project explores optimizing containerized application performance through filesystem extension frameworks. It integrates ExtFUSE (Extended FUSE with eBPF extensions) into the CNTR container attachment tool, enabling production debugging of slim containers without bloating images — all while maintaining high I/O performance through kernel-level optimizations.
Key Features
- eBPF-powered fast paths that bypass userspace FUSE overhead by ~30-50%
- CNTR integration enabling FAT container attachment to running SLIM containers for live debugging
- Comprehensive benchmarking suite using Phoronix Test Suite and SQLite workloads
- Docker-in-Docker setup with privileged /dev/fuse access for nested container filesystem mounting
- Custom Linux kernel compilation with ExtFUSE and eBPF syscall support
- Automated HTML report generation with timestamped performance results
Architecture
The system operates in three experimental configurations: CNTR+FUSE (baseline), CNTR+ExtFUSE (optimized), and Monolithic (traditional). Each setup measures container startup latency, memory bandwidth via PTS/Stream, SQLite transaction throughput, and IOPS. The ExtFUSE approach uses eBPF programs compiled with clang/LLVM to intercept filesystem calls at the kernel level, avoiding the costly user-kernel context switches inherent in standard FUSE.