Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container interface to nsproxy subsystem

view
thread

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: Srivatsa Vaddagiri

Subject: Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container interface to nsproxy subsystem

Date: Tuesday, April 3, 2007 - 7:16 am

On Mon, Apr 02, 2007 at 12:02:35PM -0600, Eric W. Biederman wrote:
quoted text> > If we loose directories, then we don't have a way to manage the
> > task-group it represents thr' the filesystem interface, so I consider
> > that bad. As we agree, this will not be an issue if initrd
> > mounts the ns hierarchy atleast at bootup.
> 
> I suspect that could be a problem if we have recursive containers.
> Even by having a separate mount namespace for isolation you really
> don't want to share the mount.  If you can see all of the processes
> you do want to be able to see and control everything.

Won't there be some master (VFS) namespace which can see everything? The
idea would be then to list all containers in that namespace. I am
visualizing that a master namespace listing all containers like that 
will be like a management console, from which you can monitor/control
resource consumption of all containers.

I agree the individual containers themselves should not be able to
mount and view other containers in this container/resource-control
filesystem. I presume existing VFS namespace mechanism would enforce
that restriction.

quoted text> I guess I want to ask before this gets to far.  Why are all of the
> namespaces lumped into one group?  

I don't think they are. From Serge's patches, a new group (or a directory in
container filesystem) is created everytime a new nsproxy is created
(copy_namespaces/sys_unshare).

quoted text> I would think it would make much
> more sense to treat each namespace individually (at least for the
> user space interface).

-- 
Regards,
vatsa
-
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

[PATCH 7/7] containers (V7): Container interface to nsprox ..., menage, (Mon Feb 12, 1:15 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Srivatsa Vaddagiri, (Fri Mar 23, 10:05 pm)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Srivatsa Vaddagiri, (Sat Mar 24, 9:23 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Serge E. Hallyn, (Mon Mar 26, 2:55 pm)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Serge E. Hallyn, (Mon Mar 26, 2:57 pm)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Srivatsa Vaddagiri, (Wed Mar 28, 7:55 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Serge E. Hallyn, (Wed Mar 28, 8:26 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Srivatsa Vaddagiri, (Fri Mar 30, 7:47 pm)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Serge E. Hallyn, (Mon Apr 2, 7:09 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Srivatsa Vaddagiri, (Mon Apr 2, 7:27 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Eric W. Biederman, (Mon Apr 2, 11:02 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Srivatsa Vaddagiri, (Tue Apr 3, 7:16 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Serge E. Hallyn, (Tue Apr 3, 8:32 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Serge E. Hallyn, (Tue Apr 3, 8:41 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Paul Menage, (Tue Apr 3, 8:45 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Serge E. Hallyn, (Tue Apr 3, 8:54 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Srivatsa Vaddagiri, (Tue Apr 3, 9:10 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Srivatsa Vaddagiri, (Tue Apr 3, 9:16 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Kirill Korotaev, (Tue Apr 3, 9:26 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Srivatsa Vaddagiri, (Tue Apr 3, 9:46 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Paul Menage, (Tue Apr 3, 9:52 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Paul Menage, (Tue Apr 3, 10:10 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Srivatsa Vaddagiri, (Tue Apr 3, 10:11 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Paul Menage, (Tue Apr 3, 10:29 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Paul Menage, (Tue Apr 3, 10:30 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Srivatsa Vaddagiri, (Tue Apr 3, 10:30 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Srivatsa Vaddagiri, (Tue Apr 3, 10:34 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Paul Menage, (Tue Apr 3, 10:49 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Srivatsa Vaddagiri, (Tue Apr 3, 10:51 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Srivatsa Vaddagiri, (Tue Apr 3, 8:07 pm)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Paul Jackson, (Tue Apr 3, 8:44 pm)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Paul Menage, (Tue Apr 3, 9:04 pm)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Srivatsa Vaddagiri, (Tue Apr 3, 10:15 pm)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Paul Menage, (Wed Apr 4, 12:00 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Srivatsa Vaddagiri, (Wed Apr 4, 10:26 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Srivatsa Vaddagiri, (Wed Apr 4, 10:42 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Paul Menage, (Wed Apr 4, 11:57 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Eric W. Biederman, (Wed Apr 4, 4:02 pm)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Paul Menage, (Wed Apr 4, 6:35 pm)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Paul Menage, (Wed Apr 4, 6:37 pm)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Paul Menage, (Wed Apr 4, 7:57 pm)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Srivatsa Vaddagiri, (Wed Apr 4, 11:39 pm)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Srivatsa Vaddagiri, (Wed Apr 4, 11:46 pm)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Paul Menage, (Wed Apr 4, 11:48 pm)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Srivatsa Vaddagiri, (Thu Apr 5, 1:49 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Paul Menage, (Thu Apr 5, 2:29 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Srivatsa Vaddagiri, (Thu Apr 5, 5:43 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Srivatsa Vaddagiri, (Thu Apr 5, 7:13 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Paul Menage, (Thu Apr 5, 7:13 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Srivatsa Vaddagiri, (Thu Apr 5, 7:46 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Srivatsa Vaddagiri, (Thu Apr 5, 9:57 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Srivatsa Vaddagiri, (Thu Apr 5, 10:14 am)

Re: [ckrm-tech] [PATCH 7/7] containers (V7): Container int ..., Paul Menage, (Fri Apr 6, 2:54 pm)

Navigation

Popular discussions


linux-kernel:
Rafael J. Wysocki	[Bug #11559] 2.6.27-rc6: nohz + s2ram = need to press keys to get progress
Chris Mason	Re: [Bug #11548] kernel BUG at drivers/pci/intel-iommu.c:1373!
Josef 'Jeff' Sipek	[PATCH 23/24] Unionfs: Kconfig and Makefile
Borislav Petkov	2.6.23-rc1: no setup signature found...
David Miller	Re: 'global' rq->clock
git:
Pat Thoyts	[PATCH] git-gui: use themed tk widgets with Tk 8.5
Peter Kjellerstedt	RE: [PATCH] send-email: do not check for editor until needed
Laflen, Brandon (GE, Research)	RE: fatal: Unable to find remote helper for 'http'
Oliver Hoffmann	git init --bare versus git --bare init
Sam Song	Fwd: [OT] Re: Git via a proxy server?
linux-netdev:
William Allen Simpson	[net-next-2.6 PATCH v8 0/7] TCPCT part 1: cookie option exchange
Jamie Lokier	Re: POHMELFS high performance network filesystem. Transactions, failover, performa...
Eric Dumazet	Re: [PATCH net-next-2.6] net: Introduce skb_orphan_try()
David Miller	Re: [PATCH v5] rfs: Receive Flow Steering
David Miller	Re: [PATCH 2/2] macb: process the RX ring regardless of interrupt status
git-commits-head:
Linux Kernel Mailing List	V4L/DVB (13368): af9015: support for Sveon STV20 Tuner USB DVB-T HDTV
Linux Kernel Mailing List	ixgbe: Fix - Do not allow Rx FC on 82598 at 1G due to errata
Linux Kernel Mailing List	checkpatch: add check for too short Kconfig descriptions
Linux Kernel Mailing List	Bluetooth: Fallback eSCO to SCO on error 0x1a (Unsupported Remote Feature)
Linux Kernel Mailing List	V4L/DVB (10826): cx88: Add IR support to pcHDTV HD3000 & HD5500
openbsd-misc:
Private Equity Investment Exchange of Vietnam	Cong cu huu hieu: Cong giao tiep dau tu chuyen nghiep nhat Vietnam \| Private Equit...
mark reardon	pfctl not loading rules - Must enable table loading for optimizations
KURS ENGLESKOG JEZIKA NA 10 CD-a	AUDIO-VIZUELNA METODA UCENJA ENGLESKOG JEZIKA na 10 CD-a
Nick Guenther	Re: This is what Linus Torvalds calls openBSD crowd
L. V. Lammert	OT, .. but has anyone seen a crontab editor

Colocation donated by:

Syndicate