[lxc-devel] PID of a process inside an lxc container
Serge Hallyn
serge.hallyn at ubuntu.com
Wed Feb 3 17:01:37 UTC 2016
Quoting Christian Brauner (christian.brauner at mailbox.org):
> On Wed, Feb 03, 2016 at 04:49:04PM +0200, Kevin Wilson wrote:
> > Hi,
> >
> > When I create an lxc container and run a simple process (which all it
> > does is call pause()),
> > I see the pid of this process also in the host (Simply by running ps
> > aux | grep pause).
> > And of course I see it also inside the container again with ps aux | grep pause.
> > The pids are of course different.
> >
> > What is the reason for this ? I would expect that
> > since the conatiner has a different PID namespace, the PID whic is
> > created for the child
> > will no be seen on the host, which acts in a different namespace (the
> > initial PID namespace)
> The reason is that this is how PID namespace are designed: They form a tree up
> to the root namespace. Each process will have *a* PID in which it was created up
> to the root namespace.
Right - there are not multiple, distinct sets of processes. There is one
process tree, and a set of pid namespaces. The namespace maps processes
to process ids. So the child pid in your example is in a namespace which
doesn't have a PID mapping for the host's init, and has PID 1 for the child.
The parent's ns has 1 for it's own init, and PID N for the child.
A namespace is a mapping from identifiers to resources.
More information about the lxc-devel
mailing list