OpenVZ Forum


Home » Mailing lists » Devel » semantics for namespace naming
semantics for namespace naming [message #17016] Wed, 13 December 2006 14:35 Go to previous message
serue is currently offline  serue
Messages: 750
Registered: February 2006
Senior Member
Let's say we have a vserver, from which we start some jobs
which we want to checkpoint/restart/migrate.  These are two
of the usages we currently foresee for the namespaces, though
I'd say it's safe to assume there will be more.

I'll want to be able to address the c/r jobs by some ID in
order to checkpoint and kill them.  I'll also want to be
able to address the entire vserver by some ID, in order to
kill it.  In that case the c/r jobs should also be killed.
So those jobs are known by at least two id's.  Furthermore, I
may want two vservers on the same machine, both running a c/r
job called 'calculate_pi'.

So we can look at this as a filesystem.  In the above scenario,
we've got /sergesvserver, /sergesvserver/calculate_pi,
/randomvserver, and /randomvserver/calculate_pi.  And, if
user hallyn logs into /sergesvserver using pam_namespace.so,
unsharing his mounts namespace to get a private /tmp and /home,
then he ends up in /sergesvserver/unnamed1.  So each nsproxy
has a node in the namespace id filesystem, with random names
unless/until it is renamed to a more meaningful name.  This
allows us to switch to a vserver by specifying the vserver's
name (ln /sys/namespaces/vserver1 /proc/nsproxy or whatever
semantics we end up using), kill an entire vserver recursively
(rm -rf /sys/namespaces/vserver1), perhaps even checkpoint
(tar jcf /tarballs/vserver1 /sys/namespaces/vserver1) and
certainly rename (mv /sys/namespaces/unnamed1 /sys/namespaces/sergeprivhome).

One key observeration which I haven't made explicit is that you
never actually leave a nsid ("container").  If you start under
/vserver1, you will always be under /vserver1.  I don't know of
any reason that would not be appropriate.  If I start a nested
vserver from there, then to me it may be known as
'vserver_testme', while to the admin of the machine, it would be
known as /vserver1/vserver_testme.

This makes one possible implementation of the container struct:

	struct container {
		struct container *parent;
		char *name;
		struct nsproxy *nsproxy;
		struct list_head children;
	};
	struct nsproxy {
		...
		struct container *container;
	};

Plus of course relevant sysfs stuff.

-serge
_______________________________________________
Containers mailing list
Containers@lists.osdl.org
https://lists.osdl.org/mailman/listinfo/containers
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: [PATCH] compat offsets size change
Next Topic: [PATCH 1/12] L2 network namespace: current network namespace operations
Goto Forum:
  


Current Time: Sat Nov 09 07:51:59 GMT 2024

Total time taken to generate the page: 0.03213 seconds