[Devel] Re: Network virtualization/isolation

Herbert Poetzl herbert at 13thfloor.at
Sat Dec 9 18:21:00 PST 2006

On Sun, Dec 10, 2006 at 01:34:14AM +0300, Kir Kolyshkin wrote:
> Herbert Poetzl wrote:
> >On Fri, Dec 08, 2006 at 10:13:48PM -0800, Andrew Morton wrote:
> >  
> >>
> >>It's actually happening quite gradually and carefully.
> >>    
> >
> >hmm, I must have missed a testing phase for the
> >IPC namespace then, not that I think it is broken
> >(well, maybe it is, we do not know yet)
> >

> You have announced at LKML that Linux-VServer now uses the 
> stuff that was merged in 2.6.19-rc1, haven't you? 

yes, correct, and we already fixed several issues
the changes caused, both in handling as well as

> I suppose that means you are  using IPC namespaces from 
> mainstream? 

yes, we do 

> Isn't that considered testing? 

of course it is testing, but it is already in
mainstream, and for my part, I wasn't able to
provide feedback from testing yet ...

> Or you don't test Linux-VServer?

we do the same testing you folks do IIRC
(i.e. some secret test procedure which takes
roughly a week or so, after which we can tell
that everything works as expected :)

> Please clarify, I'm a bit lost here.

> Speaking of OpenVZ, as Kirill Korotaev said before we have 
> backported all that to 2.6.18 back in September 

nice, but what relevance has that for 2.6.19?

> and are using it since then.

cool, how much feedback regarding IPC did you get
since then?

> And yes, we found a bug in IPC namespaces, and fix from 
> Pavel Emelyanov has made it to 2.6.19-rc5 (see commit 
> c7e12b838989b0e432c7a1cdf1e6c6fd936007f6 to linux-2.6-git).

it's good that some bugs have been found, but
of what relevance is that for testing mainline

 - typical linux users will only excercise a 
   small fraction of the new code, if at all
 - virtualization solutions like OpenVZ and
   Linux-VServer add their custom modifications
   and/or adjustments, and serve a much smaller
 - I haven't seen any test suites or similar
   for the spaces

so it all boils down to waiting for somebody to
stumble over an issue, which then will get fixed
just that the number of folks testing that is
quite small compared to 'other' mainline pathes

anyway, originally I was just answering to an
email pushing for 'fast' inclusion, which I do
not consider a good idea (as I already stated)


More information about the Containers mailing list