From: Dave Hansen <haveblue@us.ibm.com>
To: Gerrit Huizenga <gh@us.ibm.com>
Cc: Matt Helsley <matthltc@us.ibm.com>,
Hubertus Franke <frankeh@watson.ibm.com>,
CKRM-Tech <ckrm-tech@lists.sourceforge.net>,
LKML <linux-kernel@vger.kernel.org>,
LSE <lse-tech@lists.sourceforge.net>,
vserver@list.linux-vserver.org, Andrew Morton <akpm@osdl.org>,
Rik van Riel <riel@redhat.com>,
pagg@oss.sgi.com
Subject: Re: [ckrm-tech] Re: [RFC][patch 00/21] PID Virtualization: Overview and Patches
Date: Fri, 16 Dec 2005 13:10:54 -0800 [thread overview]
Message-ID: <1134767454.19403.12.camel@localhost> (raw)
In-Reply-To: <E1EnMSU-0004pH-00@w-gerrit.beaverton.ibm.com>
On Fri, 2005-12-16 at 12:45 -0800, Gerrit Huizenga wrote:
> Interesting... So how to tasks get *into* a container?
Only by inheritance.
> And can they ever get back "out" of a container?
No. Think of the pids again. Even the "outside" of a container, things
like the real init, have to have unique pids. What if the process's pid
is the same as one in use in the default container?
> Are most processes on the system
> initially not in a container? And then they can be stuffed in a container?
> And then containers can be moved around or be isolated from each other?
The current idea is that processes are assigned at fork-time. The
isolation is for the lifetime of the process.
> And, is pid virtualization the point where this happens? Or is that
> a slightly higher level? In other words, is pid virtualization the
> full implementation of container isolation? Or is it a significant
> element on which additional policy, restrictions, and usage models
> can be built?
pid virtualization is simply the one that's easiest to understand, and
the one that demonstrates the largest number of issues. It is a small
piece of the puzzle, but an important one.
-- Dave
next prev parent reply other threads:[~2005-12-16 21:11 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-12-15 14:35 [RFC][patch 00/21] PID Virtualization: Overview and Patches Hubertus Franke
2005-12-15 14:35 ` [RFC][patch 01/21] PID Virtualization: const parameter for process group Hubertus Franke
2005-12-15 14:35 ` [RFC][patch 02/21] PID Virtualization: task virtual pid access functions Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 03/21] PID Virtualization: return virtual pids where required Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 04/21] PID Virtualization: return virtual process group ids Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 05/21] PID Virtualization: code enhancements for virtual pids in /proc Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 06/21] PID Virtualization: Define pid_to_vpid functions Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 07/21] PID Virtualization: Use pid_to_vpid conversion functions Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 08/21] PID Virtualization: file owner pid virtualization Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 09/21] PID Virtualization: define vpid_to_pid functions Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 10/21] PID Virtualization: Use " Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 11/21] PID Virtualization: use vpgid_to_pgid function Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 12/21] PID Virtualization: Context for pid_to_vpid conversition functions Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 13/21] PID Virtualization: Documentation Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 14/21] PID Virtualization: pidspace Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 15/21] PID Virtualization: container object and functions Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 16/21] PID Virtualization: container attach/detach calls Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 17/21] PID Virtualization: /proc/container filesystem Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 18/21] PID Virtualization: Implementation of low level virtualization functions Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 19/21] PID Virtualization: Handle special case vpid return cases Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 20/21] PID Virtualization: per container /proc filesystem Hubertus Franke
2005-12-15 14:36 ` [RFC][patch 21/21] PID Virtualization: pidspace parent : signal behavior Hubertus Franke
2005-12-15 19:49 ` [RFC][patch 00/21] PID Virtualization: Overview and Patches Gerrit Huizenga
2005-12-15 20:02 ` [ckrm-tech] " Dave Hansen
2005-12-15 20:12 ` Gerrit Huizenga
2005-12-15 22:52 ` Matt Helsley
2005-12-15 22:02 ` Hubertus Franke
2005-12-16 2:20 ` [ckrm-tech] " Matt Helsley
2005-12-16 3:28 ` Gerrit Huizenga
2005-12-16 17:35 ` Dave Hansen
2005-12-16 20:45 ` Gerrit Huizenga
2005-12-16 21:10 ` Dave Hansen [this message]
2005-12-16 23:40 ` Hubertus Franke
2005-12-16 23:47 ` Hubertus Franke
2005-12-17 1:18 ` Matt Helsley
2005-12-17 3:03 ` [Lse-tech] " Hubertus Franke
2005-12-17 1:38 ` Matt Helsley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1134767454.19403.12.camel@localhost \
--to=haveblue@us.ibm.com \
--cc=akpm@osdl.org \
--cc=ckrm-tech@lists.sourceforge.net \
--cc=frankeh@watson.ibm.com \
--cc=gh@us.ibm.com \
--cc=linux-kernel@vger.kernel.org \
--cc=lse-tech@lists.sourceforge.net \
--cc=matthltc@us.ibm.com \
--cc=pagg@oss.sgi.com \
--cc=riel@redhat.com \
--cc=vserver@list.linux-vserver.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox