From: Kirill Korotaev <dev@sw.ru>
To: "Serge E. Hallyn" <serue@us.ibm.com>
Cc: devel@openvz.org, Sam Vilain <sam@vilain.net>,
Andrew Morton <akpm@osdl.org>,
linux-kernel@vger.kernel.org,
Herbert Poetzl <herbert@13thfloor.at>, Mishin Dmitry <dim@sw.ru>,
Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
Subject: Re: [Devel] Re: [RFC] [PATCH 0/7] Some basic vserver infrastructure
Date: Wed, 29 Mar 2006 16:07:21 +0400 [thread overview]
Message-ID: <442A7879.20802@sw.ru> (raw)
In-Reply-To: <20060327124517.GA16114@sergelap.austin.ibm.com>
Serge,
Serge E. Hallyn wrote:
> Quoting Kirill Korotaev (dev@sw.ru):
>> Just to make it more clear: my understanding of word "nested" means that
>> if you have, for example, a nested IPC namespace, than parent can see
>> all the resources (sems, shms, ...) of it's children and have some
>> private, while children see only its own set of private resources. But
>> it doesn't look like you are going to implement anything like this.
>> So what is nesting then? Ability to create namespace? To delegate it
>> some part of own resource limits?
>
> Nesting simply means that any child ns can create child namespaces of
> it's own.
your picture below doesn't show that containers have nested containers.
You draw a plain container set inside vserv.
What I mean is that if some container user can create another container,
it DOES not mean it is nested. It is just about permitions to create
other containers. Nested containers in my POV is something different,
when you can see the resources of your container and your children. You see?
I will try to show what I mean on a picture:
--------------------------------------------------
| --------------------------------- |
| | ---------------
| | | |
| cont 1.1.1 | | |
| | | shm1.1.1.1 | | |
| | |
shm1.1.1.2 | | | |
cont 1. | cont 1.1 --------------- | |
| shm1.1 | shm1.1.1 --------------- | |
| shm1.2 | | cont 1.1.2 |
| | | |
| shm1.1.2.1 | | |
| | --------------- | |
|
--------------------------------- |
|--------------------------------------------------
You see what I mean? In this example with IPC sharememory container 1
can see all the shm segments. while container1.1.2 can see only his
private one smm1.1.2.1.
And if resources are not nested like this, than it is a PLAIN container
structure.
Kirill
> In particular, the following scenario should be perfectly valid:
>
> Machine 1 Machine 2
> Xen VM1.1 Xen VM2.1
> vserv 1.1.1 vserv2.1.1
> cont1.1.1.1 cont2.1.1.1
> cont1.1.1.2 cont2.1.1.2
> cont1.1.1.n cont2.1.1.n
> vserv 1.1.2 vserv2.1.2
> cont1.1.2.1 cont2.1.2.1
> cont1.1.2.2 cont2.1.2.2
> cont1.1.2.n cont2.1.2.n
> Xen VM1.2 Xen VM2.2
> vserv 1.2.1 vserv2.2.1
> cont1.2.1.1 cont2.2.1.1
> cont1.2.1.2 cont2.2.1.2
> cont1.2.1.n cont2.2.1.n
> vserv 1.2.2 vserv2.2.2
> cont1.2.2.1 cont2.2.2.1
> cont1.2.2.2 cont2.2.2.2
> cont1.2.2.n cont2.2.2.n
>
> where containers are used for each virtual server and each container,
> so that we can migrate entire VMs, entire virtual servers, or any
> container.
>
>>>>>> Perhaps we can get a ruling from core team on this one, as it's
>>>>>> aesthetics :-).
>> I propose to use "namespace" naming.
>> 1. This is already used in fs.
>> 2. This is what IMHO suites at least OpenVZ/Eric
>> 3. it has good acronym "ns".
>
> I agree.
>
> -serge
>
next prev parent reply other threads:[~2006-03-29 12:07 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20060321061333.27638.63963.stgit@localhost.localdomain>
2006-03-21 18:50 ` [RFC] [PATCH 0/7] Some basic vserver infrastructure Dave Hansen
2006-03-21 21:08 ` Sam Vilain
2006-03-21 21:32 ` Dave Hansen
2006-03-21 23:12 ` Sam Vilain
2006-03-22 5:18 ` Sam Vilain
2006-03-22 7:13 ` Eric W. Biederman
2006-03-23 4:17 ` Sam Vilain
2006-03-24 15:36 ` [Devel] " Kirill Korotaev
2006-03-27 12:45 ` Serge E. Hallyn
2006-03-28 5:28 ` Sam Vilain
2006-03-29 12:07 ` Kirill Korotaev [this message]
2006-03-29 13:47 ` Serge E. Hallyn
2006-03-29 21:30 ` Sam Vilain
2006-04-19 7:50 ` Eric W. Biederman
2006-04-19 21:42 ` Sam Vilain
2006-03-22 6:41 ` Eric W. Biederman
2006-03-23 4:29 ` Sam Vilain
2006-03-23 4:50 ` Andrew Morton
2006-03-24 15:38 ` Kirill Korotaev
2006-03-24 15:37 ` Kirill Korotaev
2006-03-24 20:28 ` Eric W. Biederman
2006-03-24 21:01 ` Herbert Poetzl
2006-03-24 21:13 ` Eric W. Biederman
2006-03-24 21:40 ` Herbert Poetzl
2006-03-24 22:30 ` Eric W. Biederman
2006-03-25 18:37 ` Eric W. Biederman
[not found] ` <20060321061333.27638.9112.stgit@localhost.localdomain>
2006-03-21 18:53 ` [RFC] [PATCH 1/7] Add process virtualisation umbrella structure (vx_info) Dave Hansen
2006-03-21 21:52 ` Sam Vilain
2006-03-22 2:02 ` Herbert Poetzl
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=442A7879.20802@sw.ru \
--to=dev@sw.ru \
--cc=akpm@osdl.org \
--cc=devel@openvz.org \
--cc=dim@sw.ru \
--cc=herbert@13thfloor.at \
--cc=kuznet@ms2.inr.ac.ru \
--cc=linux-kernel@vger.kernel.org \
--cc=sam@vilain.net \
--cc=serue@us.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.