[lxc-users] loading a file system

Serge Hallyn serge.hallyn at ubuntu.com
Wed Jan 14 14:51:38 UTC 2015


Yeah we're pretty sure that's actually impossible at the moment.
We've tried a few times, and mentioned it at the last kernel
summit, but the best hope was for an eventual new mount system
call API (which would split fsdev registration from 'mounting')
which would hopefully allow for a mount-by-fd.

For instance, mounting from the host into the container through
/proc/$$/root doesn't work because the kernel rejects it due to the
mnt->ns being different.

Pavel at one point was pretty sure they had done it, but I
*believe* he later said that was not the case.

Quoting Fajar A. Nugraha (list at fajar.net):
> Containers can see any host mount point if specifically bind-mounted
> to the container, e.g. via lxc.mount.entry. I haven't seen a way to
> add new mount points to the container after it's started though.
> 
> -- 
> Fajar
> 
> On Wed, Jan 14, 2015 at 3:21 PM, Mohan G <mohan_gg at yahoo.com> wrote:
> > Also, i am hoping that all host mount point can be seen by containers. Is
> > this assumption correct.
> >
> >
> > On Wednesday, January 14, 2015 1:47 PM, Mohan G <mohan_gg at yahoo.com> wrote:
> >
> >
> > Thanks for the replies. My conclusions from the replies are that i am better
> > of controlling the consumers of my FS via cgroups. If i decide to run my
> > apps on containers, then i need to mount my FS on the host and create
> > containers with limits of CPU and memory and use my FS via this container.
> > Both these approaches seem fine and helps.
> >
> >
> >
> >
> >
> > On Wednesday, January 14, 2015 12:28 PM, Fajar A. Nugraha <list at fajar.net>
> > wrote:
> >
> >
> > As Serge said, some limits needs to be enforced by your filesystem.
> > Like tmpfs case for example, the size limit are set during mount,
> > which should be done by the host (e.g. as an option on lxc.mount.entry
> > in container config file).
> >
> > cgroup limits is AFAIK only apply to userland, and does not apply to
> > memory used by kernel modules.
> >
> > What is your fs like? Most fs that I know of (e.g. btrfs, ext4) does
> > not need particular amount of memory/cpu resource. In this case the
> > only cpu/memory limit you need to worry about are userland (handled by
> > cgroups).
> >
> > This is different from zfs, which requires huge amount of memory. But
> > even in this case the resource used are global, and can't be separated
> > per pool/dataset/mountpoint, so you won't be able to limit it per
> > container.
> >
> > fuse, on the otherhand, will use some cpu/memory resource per mounts
> > on its userland part. In this case, you can limit its cpu/memory usage
> > the same way you limit other userland processes, using cgroups.
> >
> > --
> > Fajar
> >
> >
> > On Wed, Jan 14, 2015 at 12:25 PM, Mohan G <mohan_gg at yahoo.com> wrote:
> >> Thanks. When i say my own file system, yes my own kernel file system
> >> written
> >> for linux. A small yet working FS.
> >> I want to load this FS and want applications to use them, but not consume
> >> entire cpu and memory. If i can bring up KVM then i can set cpu and memory
> >> for this KVM and load and mount my FS in this KVM and KVM's resource
> >> limits
> >> will directly control the FS consumption etc.
> >>
> >> How i can achieve the same thing without using KVM. When i mean template,
> >> i
> >> mean the linux image used as a separate container. ( i assume i can build
> >> a
> >> new linux distro with my FS as default) and boot it up.
> >> I am aware that containers are user level and share the same kernel. Thank
> >> for the patience
> >>
> >>
> >>
> >> On Wednesday, January 14, 2015 10:37 AM, Fajar A. Nugraha <list at fajar.net>
> >> wrote:
> >>
> >>
> >> You need to be more clear. More response inline
> >>
> >> On Wed, Jan 14, 2015 at 11:26 AM, Mohan G <mohan_gg at yahoo.com> wrote:
> >>>
> >>> Thanks for the reply, now i guess my specific question is.
> >>> 1) I have my own file system which i can load to the kernel. But i want
> >>> to
> >>> restrict the file systems usage as a whole.
> >>
> >> Do you mean your own file system module? e.g. something like fuse?
> >> What do you mean by "restrict the file systems usage"? Only some
> >> container can use that type of fs? Restrict its size?
> >>
> >> Short version is you should set all mounts in the host (including
> >> loading the fs module, if it's a new one), and the container can then
> >> simply use it. Also, do NOT allow containers to mount their own
> >> filesystem (this is already the default setting when you use ubuntu
> >> container on ubuntu host)
> >>
> >>
> >>> 2) which means if i can build a kernel template with my FS on it , then
> >>> would i be able to set limits on memory and cpu for the FS.
> >>>
> >>
> >> what "kernel template"? You DO know that containers share the same
> >> kernel as the host, right?
> >> Also, I see no direct connection between "memory and cpu" and the type
> >> of filesystem. Are you perhaps confusing FS, when you mean "container"
> >> (i.e. guest)
> >>
> >>> basically i am looking for ways for FS to use KVM type limit ( in terms
> >>> of
> >>> cpu and memory) without actually using KVM.
> >>
> >> If you mean "limit container's cpu and memory use", see earlier
> >> response about cgroups. Again, I see no correlation between FS and
> >>
> >> "cpu and memory".
> >>
> >>
> >> --
> >> Fajar
> >> _______________________________________________
> >> lxc-users mailing list
> >> lxc-users at lists.linuxcontainers.org
> >> http://lists.linuxcontainers.org/listinfo/lxc-users
> >>
> >>
> >> _______________________________________________
> >> lxc-users mailing list
> >> lxc-users at lists.linuxcontainers.org
> >> http://lists.linuxcontainers.org/listinfo/lxc-users
> >
> > _______________________________________________
> > lxc-users mailing list
> > lxc-users at lists.linuxcontainers.org
> > http://lists.linuxcontainers.org/listinfo/lxc-users
> >
> >
> >
> >
> >
> > _______________________________________________
> > lxc-users mailing list
> > lxc-users at lists.linuxcontainers.org
> > http://lists.linuxcontainers.org/listinfo/lxc-users
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users


More information about the lxc-users mailing list