[lxc-devel] just subscribed...
Michael H. Warfield
mhw at WittsEnd.com
Fri Dec 3 18:23:43 UTC 2010
Hello!
On Fri, 2010-12-03 at 12:12 +0100, wiebittewas wrote:
> Hi!
> first, I subscribed to this list after I've (tardily) noticed lxc,
> because it is something, that I could use for various small systems,
> I'm managing and because it seems that there're things to do, before
> this project can be really used in production.
> Currently I use various modified kernels for that, but maybe some of
> the work I've done there may be useful for this project, so possibly
> I can help to reach this status.
> Unfortunately I didn't found a short ToDo-List as in the kvm-project
> (http://www.linux-kvm.org/page/TODO), but something like this would
> be really helpful to decide, what could be the first/next step.
> maybe someone can give an url or maybe there's a file in source or
> anything else?
> nevertheless I've got two questions:
> lxc use cgroup, but I've seen, that ns_cgroup in kernel doesn't seem
> to have other functions, than showing, which task *is* in a
> namespace, or at least modifying "tasks" has no effect and the code
> in ns_cgroup.c itself is really sparse.
> unfortunaelty I did not find anything about the concrete aims of
> this part of cgroup, but a short note, that it's possible, that it
> will be removed next time because of this value to use.
> Can anyone say something about ns_cgroup?
If you check on the containers list you'll hear a lot about ns_cgroup
and most of it very negative and it's on its way out on skids. It might
even already be gone in 2.6.36 but it's been a thorn in peoples sides
from the reading I've seen of it.
Looks like a patch was submitted way back in July by Serge to get rid of
it entirely. That maybe 2.6.36 but almost certainly 2.6.37.
This is really a containers question, not an lxc question.
> and what is about the concrete aim of namespaces in kernel? Sure,
> partitioning as a technical aim, but is privacy another and could it
> really be achieved? Concrete: mount-ns: it makes it possible to
> mount filesystems without seeing them from root. This maybe useful
> in a trustful environment (without patches in kernel), but if I'm in
> a trustful environment, do I need this feature? So: is Privacy an
> aim of mount-namespace or more or less an incidental part?
Again, this is more of a containers question than an lxc question.
I would suggest subscribing to the Containers list:
https://lists.linux-foundation.org/mailman/listinfo/containers
A bunch of them, including Serge, are on this list but that might be a
more appropriate spot for your questions. He might be able to comment
further.
You can also browse the archives for that list here:
http://lists.linux-foundation.org/pipermail/containers
In particular, for your first question, please check out this thread
here:
https://lists.linux-foundation.org/pipermail/containers/2010-July/025069.html
> I'm asking, because the patches I've done on 2.6-kernel modifies it
> in a way, so that it's possible to attach the current process to an
> existing namespace and I'm wondering, if this mechanism may be
> useful for lxc and have a chance to come into kernel. (not the code
> - this is ugly, but maybe it's worth to refactor it)
On the containers list, that's already been in the works and, I believe,
implemented in some manner and just hasn't trickled out into the distros
yet.
> at least for network-devices this late-attachment is possible, even
> there're pids used, not namespaces themselves.
>
> well that's all for now.
> one note: because english is not my main-language, I may fail to use
> the right vocabulary or grammar or perhaps it takes some time before
> I answer, because I have to translate the things first, so please if
> something sounds strange or makes no sense at all: please ask and be
> a bit patient.
> (and sure: the time for an answer also depends on my time I can
> spend on this project and this is not too much)
>
> wiebittetwas
Regards,
Mike
--
Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw at WittsEnd.com
/\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20101203/400069b9/attachment.pgp>
More information about the lxc-devel
mailing list