I hate to crash the party. But it looks like Linux already makes it possible to
run an NFS server inside of a Linux "OpenVZ" zone / container with most of the
same advantages that you would get from a Solaris non-global zone NFS server
implementation. For those of of you who aren't familiar with OpenVZ and
Virtuozzo, they are basically Linux-based re-implementations of the Solaris
Zones and BSD Jails feature sets:
http://en.wikipedia.org/wiki/Openvz
And here is the documentation for setting up an NFS server inside of a Linux
OpenVZ container:
http://wiki.openvz.org/NFS_server_inside_VE
Getting the Kernel NFS server to work inside of a Linux OpenVZ zone does
require you to patch the Linux kernel and recompile it with CONFIG_NFSD=m but
it does appear to work. If you don't want to use the Kernel NFS server, and you
want more security and fault isolation, you can also use a user-space NFS
server with the following caveat (quoted from OpenVZ docs):
"Advantage of user-space NFS server is that it does not require kernel support.
Also if it crashes — there is no crash of the system: just one process dies,
not the kernel! The disadvantage of user-space NFS server is its productivity:
no one can be faster than in-kernel implementation."
It looks like Linux is just now at the precipice where they are starting to
show signs of getting technologically ahead of Solaris in the zones /
containers niche! OpenVZ has already almost completely taken over the data
centers that I work in. I think Virtuozzo and OpenVZ are terrible products and
I think Solaris Zones are better, but the fact that you can run an NFS server
in a zone / container in Linux but can't in OpenSolaris is a pretty big strike
against OpenSolaris for many clients.
I hope this news lights a fire under everyone in the community to start working
on the source code for a non-global zones NFS server implementation without any
further hesitation or deliberation. The reason the Linux developers are ahead
of us and already have this feature implemented is because they start slinging
lots of code out there first and talk and debate about it later. Maybe it's not
always the best approach from a purely engineering perspective, but it does get
things done quickly, which builds up lots of momentum behind the OS in a very
short period of time.
--
This message posted from opensolaris.org
_______________________________________________
zones-discuss mailing list
zones-discuss@opensolaris.org
