[Devel] Re: kernel summit topic - 'containers end-game'
Serge E. Hallyn
serue at us.ibm.com
Tue Jul 7 09:14:40 PDT 2009
Quoting Oren Laadan (orenl at cs.columbia.edu):
>
>
> Serge E. Hallyn wrote:
> > Quoting Oren Laadan (orenl at cs.columbia.edu):
> >>
> >> Serge E. Hallyn wrote:
> >>> Quoting Oren Laadan (orenl at cs.columbia.edu):
> >>>> Serge E. Hallyn wrote:
> >>>>> A topic on ksummit agenda is 'containers end-game and how do we
> >>>>> get there'.
> >>>>>
> >>>>> So for starters, looking just at application (and system) containers, what do
> >>>>> the libvirt and liblxc projects want to see in kernel support that is currently
> >>>>> missing? Are there specific things that should be done soon to make containers
> >>>>> more useful and usable?
> >>>>>
> >>>>> More generally, the topic raises the question... what 'end-games' are there?
> >>>>> A few I can think of off-hand include:
> >>>>>
> >>>>> 1. resource control
> >>>>> 2. lightweight virtual servers
> >>>>> 3. (or 2.5) unprivileged containers/jail-on-steroids
> >>>>> (lightweight virtual servers in which you might, just
> >>>>> maybe, almost, be able to give away a root account, at
> >>>>> least as much as you could do so with a kvm/qemu/xen
> >>>>> partition)
> >>>>> 4. checkpoint, restart, and migration
> >>>>>
> >>>>> For each end-game, what kernel pieces do we think are missing? For instance,
> >>>>> people seem agreed that resource control needs io control :) Containers imo
> >>>>> need a user namespace. I think there are quite a few network namespace
> >>>>> exploiters who require sysfs directory tagging (or some equivalent) to
> >>>>> allow us to migrate physical devices into network namespaces. And
> >>>>> checkpoint/restart needs... checkpoint/restart.
> >>>> Heh ... it does need ... checkpoint/restart; and a few issues
> >>>> which we should think about sometime --
> >>> Yup, these are all things we need to discuss. For some of them we might
> >>> just need to flail about and code a few approaches until we figure out an
> >>> answer, but then I think that everyone has thought about a few of these
> >>> in some detail, so there probably is much we could gain from talking.
> >>>
> >>> ... Does this mean we should try to have a mini-summit in the next 6
> >>> months or so? I'd recommend having one right before kernel summit so
> >>> we can get our act together, but getting everyone to tokyo to chat seems
> >>> uneconomical :) It'd be good to chat about at least the first two items
> >>> before the summit, though.
> >>>
> >> How about linux plumbers ?
> >
> > Well it seems like an appropriate place for it. Alas there is almost no chance
> > of my being there, but let's hear a roll call - how many people (interested in
> > checkpoint/restart) will be or can be at plumber's?
> >
> > I'm pretty sure Suka and Dave will be there.
>
> Seems like I can make it.
Alexey, are you planning on being at the plumber's conf this year?
-serge
_______________________________________________
Containers mailing list
Containers at lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers
More information about the Devel
mailing list