From: Jeff Layton <jlayton@redhat.com>
To: Trond Myklebust <trondmy@primarydata.com>,
"bfields@fieldses.org" <bfields@fieldses.org>,
David Howells <dhowells@redhat.com>
Cc: "stefanha@redhat.com" <stefanha@redhat.com>,
"bfields@redhat.com" <bfields@redhat.com>,
"SteveD@redhat.com" <SteveD@redhat.com>,
"linux-nfs@vger.kernel.org" <linux-nfs@vger.kernel.org>,
"chuck.lever@oracle.com" <chuck.lever@oracle.com>
Subject: Re: EXCHANGE_ID with same network address but different server owner
Date: Mon, 22 May 2017 10:25:28 -0400 [thread overview]
Message-ID: <1495463128.2816.8.camel@redhat.com> (raw)
In-Reply-To: <1495123747.13396.4.camel@primarydata.com>
On Thu, 2017-05-18 at 16:09 +0000, Trond Myklebust wrote:
> On Thu, 2017-05-18 at 11:28 -0400, bfields@fieldses.org wrote:
> > On Thu, May 18, 2017 at 03:17:11PM +0000, Trond Myklebust wrote:
> > > For the case that Stefan is discussing (kvm) it would literally be
> > > a
> > > single process that is being migrated. For lxc and
> > > docker/kubernetes-
> > > style containers, it would be a collection of processes.
> > >
> > > The mountpoints used by these containers are often owned by the
> > > host;
> > > they are typically set up before starting the containerised
> > > processes.
> > > Furthermore, there is typically no "start container" system call
> > > that
> > > we can use to identify which set of processes (or cgroups) are
> > > containerised, and should share a clientid.
> >
> > Is that such a hard problem?
> >
>
> Err, yes... isn't it? How do I identify a container and know where to
> set the lease boundary?
>
> Bear in mind that the definition of "container" is non-existent beyond
> the obvious "a loose collection of processes". It varies from the
> docker/lxc/virtuozzo style container, which uses namespaces to bound
> the processes, to the Google type of "container" that is actually just
> a set of cgroups and to the kvm/qemu single process.
>
> > In any case, from the protocol point of view these all sound like
> > client
> > implementation details.
>
> If you are seeing an obvious architecture for the client, then please
> share...
>
> > The only problem I see with multiple client ID's is that you'd like
> > to
> > keep their delegations from conflicting with each other so they can
> > share cache.
> >
> > But, maybe I'm missing something else.
>
> Having to an EXCHANGE_ID + CREATE_SESSION on every call to
> fork()/clone() and a DESTROY_SESSION/DESTROY_EXCHANGEID in each process
> destructor? Lease renewal pings from 1000 processes running on 1000
> clients?
>
> This is what I mean about container boundaries. If they aren't well
> defined, then we're down to doing precisely the above.
>
This is the crux of the problem with containers in general.
We've been pretending for a long time that the kernel doesn't really
need to understand them and can just worry about namespaces, but that
really hasn't worked out well so far.
I think we need to consider making a "container" a first-class object in
the kernel. Note that that would also help solve the long-standing
problem of how to handle usermode helper upcalls in containers.
I do happen to know of one kernel developer (cc'ed here) who has been
working on something along those lines...
--
Jeff Layton <jlayton@redhat.com>
next prev parent reply other threads:[~2017-05-22 14:25 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-12 13:27 EXCHANGE_ID with same network address but different server owner Stefan Hajnoczi
2017-05-12 14:34 ` J. Bruce Fields
2017-05-12 15:01 ` Trond Myklebust
2017-05-12 17:00 ` Chuck Lever
2017-05-15 14:43 ` Stefan Hajnoczi
2017-05-15 16:02 ` J. Bruce Fields
2017-05-16 13:11 ` J. Bruce Fields
2017-05-18 13:34 ` Stefan Hajnoczi
2017-05-18 14:28 ` Chuck Lever
2017-05-18 15:04 ` Trond Myklebust
2017-05-18 15:08 ` J. Bruce Fields
2017-05-18 15:15 ` Chuck Lever
2017-05-18 15:17 ` Trond Myklebust
2017-05-18 15:17 ` Trond Myklebust
2017-05-18 15:28 ` bfields
2017-05-18 16:09 ` Trond Myklebust
2017-05-18 16:32 ` J. Bruce Fields
2017-05-18 17:13 ` Trond Myklebust
2017-05-22 12:45 ` Stefan Hajnoczi
2017-05-22 14:25 ` Jeff Layton [this message]
2017-05-16 13:33 ` Stefan Hajnoczi
2017-05-16 13:36 ` J. Bruce Fields
2017-05-17 14:33 ` Stefan Hajnoczi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1495463128.2816.8.camel@redhat.com \
--to=jlayton@redhat.com \
--cc=SteveD@redhat.com \
--cc=bfields@fieldses.org \
--cc=bfields@redhat.com \
--cc=chuck.lever@oracle.com \
--cc=dhowells@redhat.com \
--cc=linux-nfs@vger.kernel.org \
--cc=stefanha@redhat.com \
--cc=trondmy@primarydata.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).