On 08/03/15 21:40, Aaron B. wrote:
> I was working with rumphijack as I'm trying to stick to completely
> unmodified NetBSD binaries. It's a moonshot-type project that might not
> be feasible, or maybe just far outside my abilities. Have to start
> somewhere, though.

Awesome! Too many projects never get done because folks try to build
the perfect understanding of the situation without starting from
anywhere. Lampson's design hint "plan to throw one away" is as timely
as ever (though, considering the history of rump kernels, "plan to throw
three away" is more appropriate).

> The basic goal is container style virtualization on NetBSD: something
> like FreeBSD jails, Linux LXC, etc. I realized that chroot + a rump
> network stack is about halfway there and was giving it a shot. Good for
> production, not really - but a decent proof of concept. I was using
> nginx as it's a real-world program that's trivial to test, and easy to
> get going in a chroot filesystem.

The relationship between rump kernels and containers is a veritable FAQ.
If you haven't read it, see the latter half of my post from almost
to-the-date 4 years ago:
https://mail-index.netbsd.org/tech-kern/2011/03/22/msg010146.html
(it's a bit dated, especially in the sense that it talks about "rump"
instead of "rump kernels". I guess rump kernels were not complete back
then wrt the nomenclature ;)

If you want something like container policies on NetBSD, you're much
better off looking at Christoph's gaols-on-kauth than rump kernels.
OTOH, if you want containers-so-that-it-makes-architectural-sense, IMHO
you should look at rumprun (especially on KVM/Xen/microkernels/etc.)