[ckrm-tech] [PATCH 0/2] resource control file system - aka
containers on top of nsproxy!
Serge E. Hallyn
serue at us.ibm.com
Thu Mar 22 07:39:09 PDT 2007
Quoting Srivatsa Vaddagiri (vatsa at in.ibm.com):
> On Fri, Mar 09, 2007 at 10:50:17AM -0600, Serge E. Hallyn wrote:
> > The nsproxy container subsystem could be said to be that unification.
> > If we really wanted to I suppose we could now always mount the nsproxy
> > subsystem, get rid of tsk->nsproxy, and always get thta through it's
> > nsproxy subsystem container. But then that causes trouble with being
> > able to mount a hierarachy like
> > mount -t container -o ns,cpuset
> What troubles will mounting both cpuset and ns in the same hierarchy
Wow, don't recall the full context here. But at least with Paul's
container patchset, a subsystem can only be mounted once. So if the
nsproxy container subsystem is always mounted by itself, then you cannot
remount it to bind it with cpusets.
> IMO that may be a good feature by itself, which makes it convenient to
> bind different containers to different cpusets.
> In this case, we want 'ns' subsystem to override all decisions wrt
> mkdir of directories and also movement of tasks b/n different
> groups. This is automatically accomplished in the patches, by having ns
> subsystem veto mkdir/can_attach request which aren't allowed as per
> namespace semantics (but which may be allowed as per cpuset semantics).
> > so we'd have to fix something. It also slows things down...
More information about the Containers