da...@lang.hm writes: > On Tue, 11 Oct 2011, Eric W. Biederman wrote: > >> Theodore Tso <ty...@mit.edu> writes: >> >>> On Oct 11, 2011, at 2:42 AM, Eric W. Biederman wrote: >>> >>>> I am totally in favor of not starting the entire world. But just >>>> like I find it convienient to loopback mount an iso image to see >>>> what is on a disk image. It would be handy to be able to just >>>> download a distro image and play with it, without doing anything >>>> special. >>> >>> Agreed, but what's wrong with firing up KVM to play with a distro >>> image? Personally, I don't consider that "doing something special". >> >> Then let me flip this around and give a much more practical use case. >> Testing. A very interesting number of cases involve how multiple >> machines interact. You can test a lot more logical machines interacting >> with containers than you can with vms. And you can test on all the >> aritectures and platforms linux supports not just the handful that are >> well supported by hardware virtualization. > > but in containers, you are not really testing lots of machines, you are > testing > lots of processes on the same machine (they share the same kernel)
True. But usually that is the interesting part. >> I admit for a lot of test cases that it makes sense not to use a full >> set of userspace daemons. At the same time there is not particularly >> good reason to have a design that doesn't allow you to run a full >> userspace. > > how do you share the display between all the different containers if they are > trying to run the X server? Either X does not start because the hardware it needs is not present or Xnest or similar gets started. > how do you avoid all the containers binding to the same port on the default IP > address? Network namespaces. > how do you arbitrate dbus across the containers. Why should you? > when a new USB device gets plugged in, which container gets control of > it? None of them. Although today they may all get the uevent. None of the containers should have permission to call mknod to mess with it. > there are a LOT of hard questions when you start talking about running a full > system inside a container that do not apply for other use of > containers. Not really mostly the answer is that you say no. Eric ------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity and more. Splunk takes this data and makes sense of it. Business sense. IT sense. Common sense. http://p.sf.net/sfu/splunk-d2d-oct _______________________________________________ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
