From: Herbert Poetzl <herbert@13thfloor.at>
To: Marek Habersack <grendel@caudium.net>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>,
Peter Chubb <peter@chubb.wattle.id.au>,
Jeff Dike <jdike@addtoit.com>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: user- vs kernel-level resource sandbox for Linux?
Date: Thu, 2 Dec 2004 03:32:13 +0100 [thread overview]
Message-ID: <20041202023213.GA12857@mail.13thfloor.at> (raw)
In-Reply-To: <20041130204708.GB14080@beowulf.thanes.org>
On Tue, Nov 30, 2004 at 09:47:08PM +0100, Marek Habersack wrote:
> On Tue, Nov 30, 2004 at 06:48:27PM +0000, Alan Cox scribbled:
> > On Maw, 2004-11-30 at 02:39, Marek Habersack wrote:
> > > per-process isn't enough. I specifically need something to limit the memory
> > > usage on a more global scale - per user ID or per process group or a similar
> > > way of grouping related processes. That's the only way to tame processes
> > > like apache. At this point the option I'm considering is Xen, unless I can
> > > find a userland solution to the problem...
> >
> > I'd suggest playing with Xen - its very efficient and it really does
> > come close to perfect constraint for resources.
> That's my current impression. I also considered writing a simple kernel
> module to intercept sys_brk, but that seemed to be a bit clumsy. We have
> been running a test installation of Xen with 2 VMs under quite high load and
> it performs outstandingly well in "laboratory environment".
> Also, I seem to recall there used to be a patch for the linux kernel to implement
> BSD-like jail environment, which would suit my purpose too, do you know what happened
> to the project/where it can be found? It would be a great addition to the
> kernel, just like the Zones in Solaris 10 are (which are based on the BSD
> jail concept as well).
maybe this might be of interest for you:
http://linux-vserver.org/
http://linux-vserver.org/Linux-VServer-Paper
best,
Herbert
> regards,
>
> marek
prev parent reply other threads:[~2004-12-02 2:32 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-11-29 10:19 user- vs kernel-level resource sandbox for Linux? Marek Habersack
2004-11-29 20:00 ` Jeff Dike
2004-11-29 22:13 ` Peter Chubb
2004-11-30 2:39 ` Marek Habersack
2004-11-30 18:48 ` Alan Cox
2004-11-30 20:47 ` Marek Habersack
2004-11-30 20:20 ` Alan Cox
2004-12-02 2:32 ` Herbert Poetzl [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20041202023213.GA12857@mail.13thfloor.at \
--to=herbert@13thfloor.at \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=grendel@caudium.net \
--cc=jdike@addtoit.com \
--cc=linux-kernel@vger.kernel.org \
--cc=peter@chubb.wattle.id.au \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.