From: Dave Hansen <haveblue@us.ibm.com>
To: Gerrit Huizenga <gh@us.ibm.com>
Cc: Matt Helsley <matthltc@us.ibm.com>,
Hubertus Franke <frankeh@watson.ibm.com>,
CKRM-Tech <ckrm-tech@lists.sourceforge.net>,
LKML <linux-kernel@vger.kernel.org>,
LSE <lse-tech@lists.sourceforge.net>,
vserver@list.linux-vserver.org, Andrew Morton <akpm@osdl.org>,
Rik van Riel <riel@redhat.com>,
pagg@oss.sgi.com
Subject: Re: [ckrm-tech] Re: [RFC][patch 00/21] PID Virtualization: Overview and Patches
Date: Fri, 16 Dec 2005 13:10:54 -0800 [thread overview]
Message-ID: <1134767454.19403.12.camel@localhost> (raw)
In-Reply-To: <E1EnMSU-0004pH-00@w-gerrit.beaverton.ibm.com>
On Fri, 2005-12-16 at 12:45 -0800, Gerrit Huizenga wrote:
> Interesting... So how to tasks get *into* a container?
Only by inheritance.
> And can they ever get back "out" of a container?
No. Think of the pids again. Even the "outside" of a container, things
like the real init, have to have unique pids. What if the process's pid
is the same as one in use in the default container?
> Are most processes on the system
> initially not in a container? And then they can be stuffed in a container?
> And then containers can be moved around or be isolated from each other?
The current idea is that processes are assigned at fork-time. The
isolation is for the lifetime of the process.
> And, is pid virtualization the point where this happens? Or is that
> a slightly higher level? In other words, is pid virtualization the
> full implementation of container isolation? Or is it a significant
> element on which additional policy, restrictions, and usage models
> can be built?
pid virtualization is simply the one that's easiest to understand, and
the one that demonstrates the largest number of issues. It is a small
piece of the puzzle, but an important one.
-- Dave
next prev parent reply other threads:[~2005-12-16 21:11 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-12-15 14:35 [RFC][patch 00/21] PID Virtualization: Overview and Patches Hubertus Franke
2005-12-15 14:35 ` [RFC][patch 01/21] PID Virtualization: const parameter for process group Hubertus Franke
2005-12-15 14:35 ` [RFC][patch 02/21] PID Virtualization: task virtual pid access functions Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 03/21] PID Virtualization: return virtual pids where required Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 04/21] PID Virtualization: return virtual process group ids Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 05/21] PID Virtualization: code enhancements for virtual pids in /proc Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 06/21] PID Virtualization: Define pid_to_vpid functions Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 07/21] PID Virtualization: Use pid_to_vpid conversion functions Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 08/21] PID Virtualization: file owner pid virtualization Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 09/21] PID Virtualization: define vpid_to_pid functions Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 10/21] PID Virtualization: Use " Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 11/21] PID Virtualization: use vpgid_to_pgid function Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 12/21] PID Virtualization: Context for pid_to_vpid conversition functions Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 13/21] PID Virtualization: Documentation Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 14/21] PID Virtualization: pidspace Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 15/21] PID Virtualization: container object and functions Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 16/21] PID Virtualization: container attach/detach calls Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 17/21] PID Virtualization: /proc/container filesystem Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 18/21] PID Virtualization: Implementation of low level virtualization functions Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 19/21] PID Virtualization: Handle special case vpid return cases Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 20/21] PID Virtualization: per container /proc filesystem Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 21/21] PID Virtualization: pidspace parent : signal behavior Hubertus Franke
2005-12-15 19:49 ` [RFC][patch 00/21] PID Virtualization: Overview and Patches Gerrit Huizenga
2005-12-15 20:02 ` [ckrm-tech] " Dave Hansen
2005-12-15 20:12 ` Gerrit Huizenga
2005-12-15 22:52 ` Matt Helsley
2005-12-15 22:02 ` Hubertus Franke
2005-12-16 2:20 ` [ckrm-tech] " Matt Helsley
2005-12-16 3:28 ` Gerrit Huizenga
2005-12-16 17:35 ` Dave Hansen
2005-12-16 20:45 ` Gerrit Huizenga
2005-12-16 21:10 ` Dave Hansen [this message]
2005-12-16 23:40 ` Hubertus Franke
2005-12-16 23:47 ` Hubertus Franke
2005-12-17 1:18 ` Matt Helsley
2005-12-17 3:03 ` [Lse-tech] " Hubertus Franke
2005-12-17 1:38 ` Matt Helsley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1134767454.19403.12.camel@localhost \
--to=haveblue@us.ibm.com \
--cc=akpm@osdl.org \
--cc=ckrm-tech@lists.sourceforge.net \
--cc=frankeh@watson.ibm.com \
--cc=gh@us.ibm.com \
--cc=linux-kernel@vger.kernel.org \
--cc=lse-tech@lists.sourceforge.net \
--cc=matthltc@us.ibm.com \
--cc=pagg@oss.sgi.com \
--cc=riel@redhat.com \
--cc=vserver@list.linux-vserver.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.