On Fri, 2005-12-16 at 18:47 -0500, Hubertus Franke wrote:
> On Fri, 2005-12-16 at 09:35 -0800, Dave Hansen wrote:
<snip>
> > I've been talking a lot lately about how important filesystem isolation
> > between containers is to implement containers properly. Isolating the
> > filesystem namespaces makes it much easier to do things like fs-based
> > shared memory during a checkpoint/resume. If we want to allow tasks to
> > move around, we'll have to throw out this entire concept. That means
> > that a _lot_ of things get a notch closer to the too-costly-to-implement
> > category.
> >
>
> Not only that, as the example of pids already show, while at the surface
> these might seem as desirable features ( particular since they came up
> wrt to the CKRM discussion ), there are significant technical limitation
> to these.
Perhaps merging the container process grouping functionality is not a
good idea.
However, I think CKRM could be made minimally consistent with
containers using a few small modifications. I suspect all that is
necessary is:
1) Expanding the pid syntax accepted and reported when accessing the
members file to include an optional container id:
# classify init in container 0 to a class
echo 0:1 >> ${RCFS}/class_foo/members
echo :1 >> ${RCFS}/class_foo/members
# while in container 0 classify init in container 0 to a class
echo 1 >> ${RCFS}/class_foo/members
# while in container 0 classify init in container 3 to a class
echo 3:1 >> ${RCFS}/class_foo/bar_class/members
Then pids in container 0 would show up as cid:pid
$ cat ${RCFS}/class_foo/members
0:1
5:2
...
3:4
Processes listing members in container n would only see the pid
and only pids in that container.
2) Limiting the pids and container ids accepted as input to the members
file from processes doing classification from within containers:
# classify init in the current container to a class
echo :1 >> ${RCFS}/class_foo/members
echo 1 >> ${RCFS}/class_foo/members
# returns an error when not in container 0
echo 0:1 >> ${RCFS}/class_foo/members
# returns an error when not in container 1
echo 1:1 >> ${RCFS}/class_foo/members
...
(Incidentally these kind of details are what I was referring to earlier
in this thread as "visibility boundaries")
I think this would be sufficient to make CKRM and containers play
nicely with each other. I suspect further kernel-enforced constraints
between CKRM and containers may constitute policy and not functionality.
<shameless_plug>I also suspect that with the right userspace
classification engine a wide variety of useful container resource
management policies could be enforced based on these simple
modifications.</shameless_plug>
Cheers,
-Matt Helsley
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
ckrm-tech mailing list
https://lists.sourceforge.net/lists/listinfo/ckrm-tech
