Re: [PATCH 0/6] containers: Generic Process Containers (V6)

Hi Serge,

On 1/3/07, Serge E. Hallyn <[email protected]> wrote:

From: Serge E. Hallyn <[email protected]>
Subject: [RFC] [PATCH 1/1] container: define a namespace container subsystem

Here's a stab at a namespace container subsystem based on
Paul Menage's containers patch, just to experiment with
how semantics suit what we want.

Thanks for looking at this.

What you have here is the basic boilerplate for any generic container
subsystem. I realise that my current containers patch has some
incompatibilities with the way that nsproxy wants to work.

A few things we'll want to address:

        1. We'll want to be able to hook things like
           rmdir, so that we can rm -rf /containers/vserver1
           to kill all processes in that container and all
           child containers.

The current model is that rmdir fails if there are any processes still
in the container; so you'd have to kill processes by looking for pids
in the "tasks" info file. This was behaviour inherited from the
cpusets code; I'd be open to making this more configurable (e.g.
specifying that rmdir should try to kill any remaining tasks).

        2. We need a semantic difference between attaching
           to a container, and being the first to join the
           container you just created.

Right - the way to do this would probably be some kind of
"container_clone()" function that duplicates the properties of the
current container in a child, and immediately moves the current
process into that container.

        3. We will want to be able to give the container
           attach function more info, so that we can ask to
           attach to just the network namespace, but none of
           the others, in the container we're attaching to.

If you want to be able to attach to different namespaces separately,
then possibly they should be separate container subsystems?

Paul
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• Follow-Ups:
  • Re: [PATCH 0/6] containers: Generic Process Containers (V6)
    • From: "Serge E. Hallyn" <[email protected]>

• References:
  • Re: [PATCH 0/6] containers: Generic Process Containers (V6)
    • From: "Serge E. Hallyn" <[email protected]>

• Prev by Date: Re: sonypc with Sony Vaio VGN-SZ1VP
• Next by Date: Re: 2.6.20-rc3: known unfixed regressions (v3)
• Previous by thread: Re: [PATCH 0/6] containers: Generic Process Containers (V6)
• Next by thread: Re: [PATCH 0/6] containers: Generic Process Containers (V6)
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]