Octave Orgeron wrote: > --- Robert.Thurlow at Sun.COM wrote:
>>2) Since NFS is mostly an in-kernel service, unlike something like >>Apache, if you have some kind of issue with NFS stability, you lose >>the whole box, not just the zone. This lack of fault isolation isn't >>always something that people are aware of. Does this change anything >>for your use case? > This is a great point and shows that there has to be some reorg of the > NFS framework. I don't know if that means we need a pseudo instance of > the kernel modules for each zone. Or if we have to break it up into > components that should be unique to each zone and ones that should be > common. I don't think we can go there - a service in the kernel which panics takes out all zones, and there's just nothing we can do about that (beyond minimizing panics as we try to do anyway). I think we need to set expectations that fault isolation is not as strong for this service. Sun has other virtualization solutions that would work better for real fault isolation. >>2) Due to the above, it seems like the global zone admin should have >>a knob to turn to enable or disable the ability of a zone to share >>out files via NFS. Do people agree? >> > > > I agree there is should be knob. Perhaps something in zonecfg like: > > add service > set type=nfs > end > > That would enable the zone to be an nfs server. What do you think? Yes, I had a setting like this in mind, as opposed to something that includes a path to a resource that may be shared. Rob T
