From: Jeff Liu <jeff.liu-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org>
To: Glauber Costa <glommer-bzQdu9zFT3WakBO8gow8eQ@public.gmane.org>
Cc: jack-AlSwsSmVLrQ@public.gmane.org,
Lezcano <daniel.lezcano-GANU6spQydw@public.gmane.org>,
Christopher Jones
<christopher.jones-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org>,
Li Zefan <lizf-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org>,
xfs-VZNHf3L845pBDgjK7y7TUQ@public.gmane.org,
Christoph Hellwig <hch-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org>,
tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org,
Ben Myers <bpm-sJ/iWh9BUns@public.gmane.org>,
Daniel-VZNHf3L845pBDgjK7y7TUQ@public.gmane.org,
lxc-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org,
"linux-fsdevel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org"
<linux-fsdevel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
cgroups-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
Chris Mason <chris.mason-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org>,
tytso-DPNOqEs/LNQ@public.gmane.org
Subject: Re: [RFC PATCH v1 0/4] cgroup quota
Date: Mon, 12 Mar 2012 15:11:11 +0800 [thread overview]
Message-ID: <4F5DA18F.6040000@oracle.com> (raw)
In-Reply-To: <4F5DC396.60701-bzQdu9zFT3WakBO8gow8eQ@public.gmane.org>
On 03/12/2012 05:36 PM, Glauber Costa wrote:
> On 03/11/2012 03:47 PM, Jeff Liu wrote:
>> And also, if there has already a project quota limits enforced outsides
>> to a directly, but the user can still setup a smaller quota limit s
>> through cgroup ,those limits just mixed up, but the smaller quota only
>> be effected for those processes running at container.
>>
>>> >
>>> > What we really need here, is a way to have a privileged user inside a
>>> > container to create normal quotas (user, group) that he can
>>> configure,
>>> > and have this quota be always smaller than, say, a project quota
>>> defined
>>> > for the container from the outside. But cgroups is hardly the
>>> interface,
>>> > or place, for that: Usually, the processes inside the container won't
>>> > have access to their cgroups. They will contain the limits they are
>>> > entitled to, and we don't won't the processes to change that at
>>> will. So
>>> > tying it to cgroups does not solve the fundamental problem, which
>>> is how
>>> > we have the container admin to set up quotas...
>> Sigh, exactly, I need some time to understand your opinions. Thanks
>> again.
>>
>>
>
> My take on this is that you should stick to the quota interface. It
> seems to works well enough for people out there. This means, how quotas
> are configured, viewed, etc, should work with standard tools.
>
> Now, we need some of those quotas to be tied to a particular mnt
> namespace (I believe namespaces to be the right isolation abstraction
> here, not cgroups), in the sense that they can only be active inside
> that mnt namespace. And then when you bill an inode, block, or anything
> else that quota limits, you bill it to any quota structure that is
> possibly interested in it.
I got started investigating how to isolate quota combine with namespaces today, thanks for your timely suggestions, that's sounds clearer to me.
-Jeff
> Right now the code bills it to one quota
> structure, the one that matches your UID, GID, etc (XFS may be a bit
> more skilled already here, I don't know)
prev parent reply other threads:[~2012-03-12 7:11 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-03-09 11:20 [RFC PATCH v1 0/4] cgroup quota Jeff Liu
[not found] ` <4F59E78A.7060903-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org>
2012-03-11 11:18 ` Glauber Costa
[not found] ` <4F5C8A0C.8050904-bzQdu9zFT3WakBO8gow8eQ@public.gmane.org>
2012-03-11 10:50 ` Jeff Liu
2012-03-11 11:57 ` Glauber Costa
[not found] ` <4F5C933F.3000409-bzQdu9zFT3WakBO8gow8eQ@public.gmane.org>
2012-03-11 11:47 ` Jeff Liu
2012-03-12 9:36 ` Glauber Costa
[not found] ` <4F5DC396.60701-bzQdu9zFT3WakBO8gow8eQ@public.gmane.org>
2012-03-12 7:11 ` Jeff Liu [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4F5DA18F.6040000@oracle.com \
--to=jeff.liu-qhclzuegtsvqt0dzr+alfa@public.gmane.org \
--cc=Daniel-VZNHf3L845pBDgjK7y7TUQ@public.gmane.org \
--cc=bpm-sJ/iWh9BUns@public.gmane.org \
--cc=cgroups-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=chris.mason-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org \
--cc=christopher.jones-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org \
--cc=daniel.lezcano-GANU6spQydw@public.gmane.org \
--cc=glommer-bzQdu9zFT3WakBO8gow8eQ@public.gmane.org \
--cc=hch-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org \
--cc=jack-AlSwsSmVLrQ@public.gmane.org \
--cc=linux-fsdevel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=lizf-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org \
--cc=lxc-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org \
--cc=tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org \
--cc=tytso-DPNOqEs/LNQ@public.gmane.org \
--cc=xfs-VZNHf3L845pBDgjK7y7TUQ@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).