> > I think this is completely a valid operation today. But in the > > future, if we allows the local zone administrators to create its own > > VLANs, aggregations, it will cause problem. > > Agreed. > > Perhaps Meem's filesystem analogy needs to be taken further - we could > view the links as a graph. Assigning a link to a zone would assign > all derivative links to the zone. If any of the derivative links were > already assigned to a non-global zone then the assignment of the > ancestor would fail. > > Unfortunately it seems that the graph is complicated significantly by > nodes that generate links via composition. Figuring that out requires > some more thought. (Is it similar to "lofs" mounts? Hmm, probably > not.) > > [ ... ] > > At a trivial level, the global zone administrator may wish to know > that a non-global zone administrator is using VLAN id N over a > particular physical link, hence the suggestion that "observability" is > of interest.
Issues such as these are why I liked Cathy's original proposal. This is no doubt an interesting problem space (fodder for a future project?), but I think this is beyond the scoped charter of Clearview. But I'm open to being convinced otherwise. -- meem
