From: Hubertus Franke <frankeh@watson.ibm.com>
To: Sam Vilain <sam@vilain.net>
Cc: Rik van Riel <riel@redhat.com>,
"Eric W. Biederman" <ebiederm@xmission.com>,
Kirill Korotaev <dev@openvz.org>,
Linus Torvalds <torvalds@osdl.org>, Andrew Morton <akpm@osdl.org>,
linux-kernel@vger.kernel.org, clg@fr.ibm.com,
haveblue@us.ibm.com, greg@kroah.com, alan@lxorguk.ukuu.org.uk,
serue@us.ibm.com, arjan@infradead.org, kuznet@ms2.inr.ac.ru,
saw@sawoct.com, devel@openvz.org, Dmitry Mishin <dim@sw.ru>,
Andi Kleen <ak@suse.de>
Subject: Re: [PATCH 1/4] Virtualization/containers: introduction
Date: Tue, 07 Feb 2006 18:18:33 -0500 [thread overview]
Message-ID: <43E92AC9.3090308@watson.ibm.com> (raw)
In-Reply-To: <43E92602.8040403@vilain.net>
Sam Vilain wrote:
> Hubertus Franke wrote:
>
>> The container is just an umbrella object that ties every "virtualized"
>> subsystem together.
>
>
> I like this description; it matches roughly with the concepts as
> presented by vserver; there is the process virtualisation (vx_info), and
> the network virtualisation (nx_info) of Eric's that has been integrated
> to the vserver 2.1.x development branch. However the vx_info has become
> the de facto umbrella object space as well. These could almost
> certainly be split out without too much pain or incurring major
> rethinks.
>
> Sam.
>
Agreed.. here are some issued we learned from other projects that had
similar interception points.
Having a central umbrella object (let's stick to the name container)
is useful, but being the only object through which every access has to
pass may have drawbacks..
task->container->pspace->pidmap[offset].page implies potential
cachemisses etc.
If overhead becomes too large, then we can stick (cache) the pointer
additionally in the task struct. But ofcourse that should be carefully
examined on a per subsystem base...
==
Another thing to point out is that container's can have overlaps.
C/R should be a policy thing. So if each "subsystem"
> Quote Eric>>>
> PIDS
> UIDS
> SYSVIPC
> NETWORK
> UTSNAME
> FILESYSTEM
is represented as a NAMESPACE, then one can pick and choose as a
policy how these constitute at a conceptual level as a container.
You want something migratable you better make sure that
container implies unique subsystems.
Maybe you want to nest containers, but only want to create a
separate pidspaces for performance isolation (see planetlab work
with vserver).
So, there are many possibilities, that might make perfect sense
for different desired solutions and it seems with the
clone ( CLONE_FLAGS_NSPACE_[PIDS/UIDS/SYS.../FS] ) one gets a solution
that is flexible, yet embodies may requirements.....
-- Hubertus
next prev parent reply other threads:[~2006-02-07 23:18 UTC|newest]
Thread overview: 80+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-02-06 21:57 [PATCH 1/4] Virtualization/containers: introduction Kirill Korotaev
2006-02-06 22:12 ` [PATCH 2/4] Virtualization/containers: CONFIG_CONTAINER Kirill Korotaev
2006-02-06 22:17 ` [PATCH 3/4] Virtualization/containers: UID hash Kirill Korotaev
2006-02-06 22:22 ` [PATCH 4/4] Virtualization/containers: uts name Kirill Korotaev
2006-02-06 23:00 ` [PATCH 1/4] Virtualization/containers: introduction Dave Hansen
2006-02-07 12:24 ` Kirill Korotaev
2006-02-07 3:34 ` Eric W. Biederman
2006-02-07 3:40 ` Rik van Riel
2006-02-07 6:30 ` Sam Vilain
2006-02-07 11:51 ` Kirill Korotaev
2006-02-07 14:31 ` Eric W. Biederman
2006-02-07 15:42 ` Eric W. Biederman
2006-02-07 16:18 ` Kirill Korotaev
2006-02-07 17:20 ` Eric W. Biederman
2006-02-07 22:43 ` Sam Vilain
2006-02-07 16:57 ` Hubertus Franke
2006-02-07 20:19 ` Serge E. Hallyn
2006-02-07 20:46 ` Hubertus Franke
2006-02-07 22:00 ` Eric W. Biederman
2006-02-07 22:19 ` Hubertus Franke
2006-02-07 22:06 ` The issues for agreeing on a virtualization/namespaces implementation Eric W. Biederman
2006-02-07 23:35 ` Hubertus Franke
2006-02-08 0:43 ` Alexey Kuznetsov
2006-02-08 2:49 ` Eric W. Biederman
2006-02-08 3:36 ` Serge E. Hallyn
2006-02-08 3:52 ` Eric W. Biederman
2006-02-08 4:37 ` Herbert Poetzl
2006-02-08 4:46 ` Eric W. Biederman
2006-02-08 19:24 ` Stephen Hemminger
2006-02-08 5:23 ` Eric W. Biederman
2006-02-08 14:40 ` Hubertus Franke
2006-02-08 15:17 ` Serge E. Hallyn
2006-02-08 15:35 ` Kirill Korotaev
2006-02-08 15:57 ` Hubertus Franke
2006-02-08 19:02 ` Herbert Poetzl
2006-02-08 16:48 ` Eric W. Biederman
2006-02-08 17:46 ` Eric W. Biederman
2006-02-08 18:03 ` Serge E. Hallyn
2006-02-08 18:31 ` Hubertus Franke
2006-02-08 20:21 ` Dave Hansen
2006-02-08 21:22 ` Serge E. Hallyn
2006-02-08 22:28 ` Eric W. Biederman
2006-02-20 12:11 ` Kirill Korotaev
2006-02-20 12:41 ` Herbert Poetzl
2006-02-20 14:26 ` Kirill Korotaev
2006-02-20 15:16 ` Herbert Poetzl
2006-02-08 4:56 ` Herbert Poetzl
2006-02-08 14:38 ` Serge E. Hallyn
2006-02-08 14:51 ` Hubertus Franke
2006-02-09 4:45 ` Kyle Moffett
2006-02-09 5:41 ` Eric W. Biederman
2006-02-09 22:25 ` Eric W. Biederman
2006-02-07 22:58 ` [PATCH 1/4] Virtualization/containers: introduction Sam Vilain
2006-02-07 23:18 ` Hubertus Franke [this message]
2006-02-08 5:03 ` Eric W. Biederman
2006-02-08 14:13 ` Hubertus Franke
2006-02-08 15:44 ` Kirill Korotaev
2006-02-08 16:39 ` Eric W. Biederman
2006-02-08 2:08 ` Kevin Fox
2006-02-08 1:16 ` Sam Vilain
2006-02-08 4:21 ` Paul Jackson
2006-02-08 15:36 ` Kirill Korotaev
2006-02-08 17:16 ` Eric W. Biederman
2006-02-08 20:43 ` Dave Hansen
2006-02-08 21:04 ` Eric W. Biederman
2006-02-07 12:14 ` Kirill Korotaev
2006-02-07 14:06 ` Eric W. Biederman
2006-02-07 14:52 ` Rik van Riel
2006-02-07 15:13 ` Eric W. Biederman
2006-02-09 0:24 ` Eric W. Biederman
2006-02-09 2:18 ` Jeff Dike
2006-02-09 3:16 ` Eric W. Biederman
2006-02-09 14:28 ` Kirill Korotaev
2006-02-09 15:40 ` Jeff Dike
2006-02-09 15:49 ` Kirill Korotaev
2006-02-09 17:50 ` Jeff Dike
2006-02-09 16:38 ` Hubertus Franke
2006-02-09 17:48 ` Jeff Dike
2006-02-09 22:09 ` Sam Vilain
2006-02-09 21:56 ` Eric W. Biederman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=43E92AC9.3090308@watson.ibm.com \
--to=frankeh@watson.ibm.com \
--cc=ak@suse.de \
--cc=akpm@osdl.org \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=arjan@infradead.org \
--cc=clg@fr.ibm.com \
--cc=dev@openvz.org \
--cc=devel@openvz.org \
--cc=dim@sw.ru \
--cc=ebiederm@xmission.com \
--cc=greg@kroah.com \
--cc=haveblue@us.ibm.com \
--cc=kuznet@ms2.inr.ac.ru \
--cc=linux-kernel@vger.kernel.org \
--cc=riel@redhat.com \
--cc=sam@vilain.net \
--cc=saw@sawoct.com \
--cc=serue@us.ibm.com \
--cc=torvalds@osdl.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.