container userspace tools

Balbir Singh balbir at linux.vnet.ibm.com
Fri Dec 12 00:12:38 PST 2008


* Ian jonhson <jonhson.ian at gmail.com> [2008-12-12 15:33:15]:

> Hi again,
> 
> > The container will be more or less isolated depending of what you specify in
> > the configuration file.
> >
> > Without any configuration file, you will have pid, ipc and mount points
> > isolated. If you specify the utsname, it will be isolated and if you specify
> > the network you will have a new network stack allowing to run for example a
> 
> I have played with lxc-0.3.0 for several days, trying to transplant
> existing applications
> on the base of container.
> 
> The default configuration can present a view of isolated pid, ipc (e.g. run the
> ps or top), however the memory seems not to be isolated. The process in
> a container still can see the whole physical memory. Also, my test routine
> can still apply more memory than the quota defined in "memory.limit_in_bytes".
> 
> Are there anything missing?
>

Hi, Ian,

With what version of the kernel due you see this problem. The memory
controller is undergoing a churn and I think we found something that
potentially breaks the memory controller in the current -mm. To verify

1. Can you see the memory.usage_in_bytes corresponding to the control
group where you run the container
2. Check tasks file to see that the container tasks are indeed in the
container.


-- 
	Balbir


More information about the Containers mailing list