Providing quality of service for containers in a virtualized computing environment

We claim: 1. A method for a computing device to provide quality of service (QoS) for a container in a virtualized computing environment, the method comprising: receiving a traffic flow of packets from a virtual machine; identifying a container from which the traffic flow originates based on content of the received traffic flow of packets, wherein the container is supported by the virtual machine; retrieving a QoS policy configured for the identified container, wherein the QoS policy specifies a network bandwidth allocation for the container; and forwarding the received traffic flow of packets according to the QoS policy. 2. The method of claim 1 , wherein the QoS policy specifies the network bandwidth allocation for the container using one or more of the following: a container shares value that specifies a network bandwidth allocation priority given to the container relative to at least one other container; a container limit value that specifies a maximum network bandwidth allocation for the container; and a container reservation value that specifies a minimum bandwidth allocation guaranteed for the container. 3. The method of claim 2 , wherein the network bandwidth allocation for the container is associated with a network resource pool of the virtual machine, the network resource pool being defined by one or more of the following: a virtual machine shares value that specifies a network bandwidth allocation priority given to the virtual machine relative to at least one other virtual machine; a virtual machine limit value that specifies a maximum network bandwidth allocation for the virtual machine, the container limit value not exceeding the virtual machine limit value; and a virtual machine reservation value that specifies a minimum bandwidth allocation guaranteed for the virtual machine, the container reservation value not exceeding the virtual machine reservation value. 4. The method of claim 2 , wherein forwarding the received traffic flow of packets comprises one or more of the following: scheduling the packets for forwarding at a data transfer rate that is at least the container reservation value; scheduling the packets for forwarding at a data transfer rate that is at most the container limit value; and allocating available network bandwidth to the container according to the container shares value. 5. The method of claim 1 , wherein, prior to receiving the traffic flow, the method further comprises: receiving a request to allow the container to start; retrieving the QoS policy configured for the container from a management entity or obtaining the QoS policy configured for the container from the request; and in response to determination that the QoS policy can be satisfied with current available network bandwidth, allowing the container to start. 6. The method of claim 5 , wherein the method further comprises: in response to determination that the QoS policy cannot be satisfied with current available network bandwidth, determining whether a network bandwidth reallocation is possible to satisfy the QoS policy; and in response to determination that the network bandwidth reallocation is possible, allowing the container to start, but otherwise disallowing the container to start. 7. The method of claim 1 , wherein identifying the container comprises: parsing header data of each packet of the traffic flow to identify the container based on tag data in the header data, wherein the tag data is added to the packet by the virtual machine. 8. A non-transitory computer-readable storage medium that includes a set of instructions which, in response to execution by a processor of a computing device, cause the processor to perform a method of providing quality of service (QoS) for a container in a virtualized computing environment, the method comprising: receiving a traffic flow of packets from a virtual machine; identifying a container from which the traffic flow originates based on content of the received traffic flow of packets, wherein the container is supported by the virtual machine; retrieving a QoS policy configured for the identified container, wherein the QoS policy specifies a network bandwidth allocation for the container; and forwarding the received traffic flow of packets according to the QoS policy. 9. The non-transitory computer-readable storage medium of claim 8 , wherein the QoS policy specifies the network bandwidth allocation for the container using one or more of the following: a container shares value that specifies a network bandwidth allocation priority given to the container relative to at least one other container; a container limit value that specifies a maximum network bandwidth allocation for the container; and a container reservation value that specifies a minimum bandwidth allocation guaranteed for the container. 10. The non-transitory computer-readable storage medium of claim 9 , wherein the network bandwidth allocation for the container is associated with a network resource pool of the virtual machine, the network resource pool being defined by one or more of the following: a virtual machine shares value that specifies a network bandwidth allocation priority given to the virtual machine relative to at least one other virtual machine; a virtual machine limit value that specifies a maximum network bandwidth allocation for the virtual machine, the container limit value not exceeding the virtual machine limit value; and a virtual machine reservation value that specifies a minimum bandwidth allocation guaranteed for the virtual machine, the container reservation value not exceeding the virtual machine reservation value. 11. The non-transitory computer-readable storage medium of claim 8 , wherein forwarding the received traffic flow of packets comprises one or more of the following: scheduling the packets for forwarding at a data transfer rate that is at least the container reservation value; scheduling the packets for forwarding at a data transfer rate that is at most the container limit value; and allocating available network bandwidth to the container according to the container shares value. 12. The non-transitory computer-readable storage medium of claim 8 , wherein, prior to receiving the traffic flow, the method further comprises: receiving a request to allow the container to start; retrieving the QoS policy configured for the container from a management entity or obtaining the QoS policy configured for the container from the request; and in response to determination that the QoS policy can be satisfied with current available network bandwidth, allowing the container to start. 13. The non-transitory computer-readable storage medium of claim 12 , wherein the method further comprises: in response to determination that the QoS policy cannot be satisfied with current available network bandwidth, determining whether a network bandwidth reallocation is possible to satisfy the QoS policy; and in response to determination that the network bandwidth reallocation is possible, allowing the container to start, but otherwise disallowing the container to start. 14. The non-transitory computer-readable storage medium of claim 8 , wherein identifying the container comprises: parsing header data of each packet of the traffic flow to identify the container based on tag data in the header data, wherein the tag data is added to the packet by the virtual machine. 15. A computing device configured to provide quality of service (QoS) for a container in a virtualized computing environment, the computing device comprising: a processor; a physical network inte