[lxc-devel] RFC: Device Namespaces

Michael J Coss michael.coss at alcatel-lucent.com
Mon Aug 26 15:42:42 UTC 2013 

On 8/22/2013 1:43 PM, Oren Laadan wrote:
>
> Hi everyone!
>
> We [1] have been working on bringing lightweight virtualization to 
> Linux-based mobile devices like Android (or other Linux-based devices 
> with diverse I/O) and want to share our solution: device namespaces.
>
> Imagine you could run several instances of your favorite mobile OS or 
> other distributions in isolated containers, each under the impression 
> of having exclusive access to device drivers; Interact and switch 
> between them within a blink, no flashing, no reboot.
>
> Device namespaces are an extension to existing Linux kernel namespaces 
> that brings lightweight virtualization to Linux-based end-user 
> devices, primarily mobile devices.
> Device namespaces introduce a private and virtual namespace for device 
> drivers to create the illusion for a process group that it interacts 
> exclusively with a set of drivers. Device namespaces also introduce 
> the concepts of an “active” namespace with which a user interacts, vs 
> “non-active” namespaces that run in the background, and the ability to 
> switch between them.[2]
>
> We are planning to prepare individual patches to be submitted to the 
> relevant maintainers and mailing lists. In the meantime, we already 
> want to share a set of patches on top of the Android goldfish Kernel 
> 3.4 as well as a user-space demo, so you can see where we are heading 
> and get an overview of the approach and see how it works.
>
> We are aware that the patches are not ready for submission in their 
> current state, and we'd highly appreciate any feedback or suggestions 
> which may come to your mind once you have a look [3]. Of particular 
> interest is to elaborate a proper userspace API with respect to 
> existing and future use-cases. To illustrate a simple use-case we also 
> provide a simple userspace demo for Android [4].
>
> I will be presenting "The Case for Linux Device Namespace" [5] at 
> LinuxCon North America 2013 [6]. We will also be attending the 
> Containers Track [7] at LPC 2013 to present the current state of the 
> patches and discuss the best course to proceed.
>
> We are looking forward to hear from you!
>
> Thanks,
>
> Oren.
>
Great news. I have been working on something similar, and will look over 
your patch set. Although, one use case that I want is kind of the 
reverse of what you're doing; to run an Android container on a Linux 
host, as well as just provide device protection to the host from containers.

-- 
---Michael J Coss

More information about the lxc-devel mailing list