From: Stanislav Kinsbursky <skinsbursky@parallels.com>
To: "J. Bruce Fields" <bfields@fieldses.org>
Cc: "linux-nfs@vger.kernel.org" <linux-nfs@vger.kernel.org>,
Pavel Emelianov <xemul@parallels.com>,
"Kirill A. Shutemov" <kas@openvz.org>,
"jlayton@redhat.com" <jlayton@redhat.com>
Subject: Re: network-namespace-aware nfsd
Date: Thu, 06 Oct 2011 13:59:09 +0400 [thread overview]
Message-ID: <4E8D7BED.6020705@parallels.com> (raw)
In-Reply-To: <20111005181959.GB18449@fieldses.org>
05.10.2011 22:19, J. Bruce Fields пишет:
>
> I don't think so. Here's roughly how nfsd looks up an inode given a
> filehandle:
>
> - look up the ip address in the auth.unix.ip cache (filled by
> rpc.mountd) and get a "struct auth_domain", which represents
> some set of clients. (E.g., "*.example.com").
> - extract the part of the filehandle that represents the export
> and look that up in the nfsd.fh cache (also filled by
> rpc.mountd); result is a path, resolved to a (vfsmount,
> dentry) in the context of rpc.mountd.
> - look up the (auth_domain, path) pair in the nfsd.export cache
> (again filled by rpc.mountd) to get export options (ro vs rw,
> security requirements, etc.).
>
> As long as we create per-network-namespace auth.unix.ip, nfsd.fh, and
> nfsd.export caches, and as long as nfsd does those lookups in the right
> cache (which should be easy, as it can always reach the namespace from
> rqstp->rq_xprt->xpt_net).... I think it all works. Do you see any
> problem?
>
I'm not so familiar with NFS server code. So, probably, you are right and no
problems here at all.
>
> Similarly net/sunrpc/svc.c:svc_process_common(), where the version check
> is normally done, knows what namespace the request is associated with
> (again by looking at xpt_net), and could look up the supported versions
> per-namespace.
>
> As long as everything on the server side is passed a struct svc_rqst, I
> don't think having distinct thread pools would simplify anything.
>
> Do you think I'm missing anything?
>
I realized, that probably no. At least I can't find any issues for now.
> Also, do you think per-namespace version support is important?
>
Actually, yes, I do.
As I see it, nfsd filesystem have to virtualized to provide flexible control for
server features. If so, then we need to virtualize program as well.
>
> To start with I suspect it would be OK to share the one lockd thread.
>
Yep, I think so too. It just will be harder to implement.
Anyway, thanks for comment.
> Some day I would very much like to allow lockd to be multithreaded. But
> I don't know that we'd want separate threads per namespace.
>
> --b.
--
Best regards,
Stanislav Kinsbursky
next prev parent reply other threads:[~2011-10-06 9:59 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-10-05 15:02 network-namespace-aware nfsd J. Bruce Fields
2011-10-05 17:26 ` Stanislav Kinsbursky
2011-10-05 18:19 ` J. Bruce Fields
2011-10-06 9:59 ` Stanislav Kinsbursky [this message]
2011-10-06 12:29 ` Pavel Emelyanov
2011-10-06 13:11 ` J. Bruce Fields
2011-10-06 13:14 ` Pavel Emelyanov
2011-10-06 13:18 ` Stanislav Kinsbursky
2011-10-06 16:46 ` J. Bruce Fields
2011-10-07 10:18 ` Stanislav Kinsbursky
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4E8D7BED.6020705@parallels.com \
--to=skinsbursky@parallels.com \
--cc=bfields@fieldses.org \
--cc=jlayton@redhat.com \
--cc=kas@openvz.org \
--cc=linux-nfs@vger.kernel.org \
--cc=xemul@parallels.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.