From: Hubertus Franke <frankeh@watson.ibm.com>
To: Sam Vilain <sam@vilain.net>
Cc: Rik van Riel <riel@redhat.com>,
"Eric W. Biederman" <ebiederm@xmission.com>,
Kirill Korotaev <dev@openvz.org>,
Linus Torvalds <torvalds@osdl.org>, Andrew Morton <akpm@osdl.org>,
linux-kernel@vger.kernel.org, clg@fr.ibm.com,
haveblue@us.ibm.com, greg@kroah.com, alan@lxorguk.ukuu.org.uk,
serue@us.ibm.com, arjan@infradead.org, kuznet@ms2.inr.ac.ru,
saw@sawoct.com, devel@openvz.org, Dmitry Mishin <dim@sw.ru>,
Andi Kleen <ak@suse.de>
Subject: Re: [PATCH 1/4] Virtualization/containers: introduction
Date: Tue, 07 Feb 2006 18:18:33 -0500 [thread overview]
Message-ID: <43E92AC9.3090308@watson.ibm.com> (raw)
In-Reply-To: <43E92602.8040403@vilain.net>
Sam Vilain wrote:
> Hubertus Franke wrote:
>
>> The container is just an umbrella object that ties every "virtualized"
>> subsystem together.
>
>
> I like this description; it matches roughly with the concepts as
> presented by vserver; there is the process virtualisation (vx_info), and
> the network virtualisation (nx_info) of Eric's that has been integrated
> to the vserver 2.1.x development branch. However the vx_info has become
> the de facto umbrella object space as well. These could almost
> certainly be split out without too much pain or incurring major
> rethinks.
>
> Sam.
>
Agreed.. here are some issued we learned from other projects that had
similar interception points.
Having a central umbrella object (let's stick to the name container)
is useful, but being the only object through which every access has to
pass may have drawbacks..
task->container->pspace->pidmap[offset].page implies potential
cachemisses etc.
If overhead becomes too large, then we can stick (cache) the pointer
additionally in the task struct. But ofcourse that should be carefully
examined on a per subsystem base...
==
Another thing to point out is that container's can have overlaps.
C/R should be a policy thing. So if each "subsystem"
> Quote Eric>>>
> PIDS
> UIDS
> SYSVIPC
> NETWORK
> UTSNAME
> FILESYSTEM
is represented as a NAMESPACE, then one can pick and choose as a
policy how these constitute at a conceptual level as a container.
You want something migratable you better make sure that
container implies unique subsystems.
Maybe you want to nest containers, but only want to create a
separate pidspaces for performance isolation (see planetlab work
with vserver).
So, there are many possibilities, that might make perfect sense
for different desired solutions and it seems with the
clone ( CLONE_FLAGS_NSPACE_[PIDS/UIDS/SYS.../FS] ) one gets a solution
that is flexible, yet embodies may requirements.....
-- Hubertus
next prev parent reply other threads:[~2006-02-07 23:18 UTC|newest]
Thread overview: 80+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-02-06 21:57 [PATCH 1/4] Virtualization/containers: introduction Kirill Korotaev
2006-02-06 22:12 ` [PATCH 2/4] Virtualization/containers: CONFIG_CONTAINER Kirill Korotaev
2006-02-06 22:17 ` [PATCH 3/4] Virtualization/containers: UID hash Kirill Korotaev
2006-02-06 22:22 ` [PATCH 4/4] Virtualization/containers: uts name Kirill Korotaev
2006-02-06 23:00 ` [PATCH 1/4] Virtualization/containers: introduction Dave Hansen
2006-02-07 12:24 ` Kirill Korotaev
2006-02-07 3:34 ` Eric W. Biederman
2006-02-07 3:40 ` Rik van Riel
2006-02-07 6:30 ` Sam Vilain
2006-02-07 11:51 ` Kirill Korotaev
2006-02-07 14:31 ` Eric W. Biederman
2006-02-07 15:42 ` Eric W. Biederman
2006-02-07 16:18 ` Kirill Korotaev
2006-02-07 17:20 ` Eric W. Biederman
2006-02-07 22:43 ` Sam Vilain
2006-02-07 16:57 ` Hubertus Franke
2006-02-07 20:19 ` Serge E. Hallyn
2006-02-07 20:46 ` Hubertus Franke
2006-02-07 22:00 ` Eric W. Biederman
2006-02-07 22:19 ` Hubertus Franke
2006-02-07 22:06 ` The issues for agreeing on a virtualization/namespaces implementation Eric W. Biederman
2006-02-07 23:35 ` Hubertus Franke
2006-02-08 0:43 ` Alexey Kuznetsov
2006-02-08 2:49 ` Eric W. Biederman
2006-02-08 3:36 ` Serge E. Hallyn
2006-02-08 3:52 ` Eric W. Biederman
2006-02-08 4:37 ` Herbert Poetzl
2006-02-08 4:46 ` Eric W. Biederman
2006-02-08 19:24 ` Stephen Hemminger
2006-02-08 5:23 ` Eric W. Biederman
2006-02-08 14:40 ` Hubertus Franke
2006-02-08 15:17 ` Serge E. Hallyn
2006-02-08 15:35 ` Kirill Korotaev
2006-02-08 15:57 ` Hubertus Franke
2006-02-08 19:02 ` Herbert Poetzl
2006-02-08 16:48 ` Eric W. Biederman
2006-02-08 17:46 ` Eric W. Biederman
2006-02-08 18:03 ` Serge E. Hallyn
2006-02-08 18:31 ` Hubertus Franke
2006-02-08 20:21 ` Dave Hansen
2006-02-08 21:22 ` Serge E. Hallyn
2006-02-08 22:28 ` Eric W. Biederman
2006-02-20 12:11 ` Kirill Korotaev
2006-02-20 12:41 ` Herbert Poetzl
2006-02-20 14:26 ` Kirill Korotaev
2006-02-20 15:16 ` Herbert Poetzl
2006-02-08 4:56 ` Herbert Poetzl
2006-02-08 14:38 ` Serge E. Hallyn
2006-02-08 14:51 ` Hubertus Franke
2006-02-09 4:45 ` Kyle Moffett
2006-02-09 5:41 ` Eric W. Biederman
2006-02-09 22:25 ` Eric W. Biederman
2006-02-07 22:58 ` [PATCH 1/4] Virtualization/containers: introduction Sam Vilain
2006-02-07 23:18 ` Hubertus Franke [this message]
2006-02-08 5:03 ` Eric W. Biederman
2006-02-08 14:13 ` Hubertus Franke
2006-02-08 15:44 ` Kirill Korotaev
2006-02-08 16:39 ` Eric W. Biederman
2006-02-08 2:08 ` Kevin Fox
2006-02-08 1:16 ` Sam Vilain
2006-02-08 4:21 ` Paul Jackson
2006-02-08 15:36 ` Kirill Korotaev
2006-02-08 17:16 ` Eric W. Biederman
2006-02-08 20:43 ` Dave Hansen
2006-02-08 21:04 ` Eric W. Biederman
2006-02-07 12:14 ` Kirill Korotaev
2006-02-07 14:06 ` Eric W. Biederman
2006-02-07 14:52 ` Rik van Riel
2006-02-07 15:13 ` Eric W. Biederman
2006-02-09 0:24 ` Eric W. Biederman
2006-02-09 2:18 ` Jeff Dike
2006-02-09 3:16 ` Eric W. Biederman
2006-02-09 14:28 ` Kirill Korotaev
2006-02-09 15:40 ` Jeff Dike
2006-02-09 15:49 ` Kirill Korotaev
2006-02-09 17:50 ` Jeff Dike
2006-02-09 16:38 ` Hubertus Franke
2006-02-09 17:48 ` Jeff Dike
2006-02-09 22:09 ` Sam Vilain
2006-02-09 21:56 ` Eric W. Biederman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=43E92AC9.3090308@watson.ibm.com \
--to=frankeh@watson.ibm.com \
--cc=ak@suse.de \
--cc=akpm@osdl.org \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=arjan@infradead.org \
--cc=clg@fr.ibm.com \
--cc=dev@openvz.org \
--cc=devel@openvz.org \
--cc=dim@sw.ru \
--cc=ebiederm@xmission.com \
--cc=greg@kroah.com \
--cc=haveblue@us.ibm.com \
--cc=kuznet@ms2.inr.ac.ru \
--cc=linux-kernel@vger.kernel.org \
--cc=riel@redhat.com \
--cc=sam@vilain.net \
--cc=saw@sawoct.com \
--cc=serue@us.ibm.com \
--cc=torvalds@osdl.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox