Home » Mailing lists » Devel » Re: Re: Network virtualization/isolation
Re: Re: Network virtualization/isolation [message #16887 is a reply to message #16881] |
Sat, 09 December 2006 11:27 |
Tomasz Torcz
Messages: 1 Registered: December 2006
|
Junior Member |
|
|
On Sat, Dec 09, 2006 at 04:50:02AM +0100, Herbert Poetzl wrote:
> On Fri, Dec 08, 2006 at 12:57:49PM -0700, Eric W. Biederman wrote:
> > Herbert Poetzl <herbert@13thfloor.at> writes:
> >
> > >> But, ok, it is not the real point to argue so much imho
> > >> and waste our time instead of doing things.
>
> > > well, IMHO better talk (and think) first, then implement
> > > something ... not the other way round, and then start
> > > fixing up the mess ...
> >
> > Well we need a bit of both.
>
> hmm, are 'we' in a hurry here?
>
> until recently, 'Linux' (mainline) didn't even want
> to hear about OS Level virtualization, now there
> is a rush to quickly get 'something' in, not knowing
> or caring if it is usable at all?
Maybe beacuse other Operating Systems have it? For example Solaris'
Crossbow...
--
Tomasz Torcz RIP is irrevelant. Spoofing is futile.
zdzichu@irc.-nie.spam-.pl Your routes will be aggreggated. -- Alex Yuriev
_______________________________________________
Containers mailing list
Containers@lists.osdl.org
https://lists.osdl.org/mailman/listinfo/containers
|
|
|
Re: Re: Network virtualization/isolation [message #16888 is a reply to message #16887] |
Sat, 09 December 2006 19:04 |
Herbert Poetzl
Messages: 239 Registered: February 2006
|
Senior Member |
|
|
On Sat, Dec 09, 2006 at 12:27:34PM +0100, Tomasz Torcz wrote:
> On Sat, Dec 09, 2006 at 04:50:02AM +0100, Herbert Poetzl wrote:
> > On Fri, Dec 08, 2006 at 12:57:49PM -0700, Eric W. Biederman wrote:
> > > Herbert Poetzl <herbert@13thfloor.at> writes:
> > >
> > > >> But, ok, it is not the real point to argue so much imho
> > > >> and waste our time instead of doing things.
> >
> > > > well, IMHO better talk (and think) first, then implement
> > > > something ... not the other way round, and then start
> > > > fixing up the mess ...
> > >
> > > Well we need a bit of both.
> >
> > hmm, are 'we' in a hurry here?
> >
> > until recently, 'Linux' (mainline) didn't even want
> > to hear about OS Level virtualization, now there
> > is a rush to quickly get 'something' in, not knowing
> > or caring if it is usable at all?
>
> Maybe beacuse other Operating Systems have it?
well, that wasn't a good enough reason four years
ago, when Linux-VServer tried to push a 'jail'
implementation into mainline (was called security
contexts back then, and maintained by Jacques Gelinas)
> For example Solaris' Crossbow...
yes, but the technology isn't really new, not even
on Linux and not even in the Open Source community
but don't get me wrong here, I'm absolutely for
having virtualization (or virtualization elements)
in mainline, I just don't want to see a Q&D hack
'we' have to suffer from the next two years :)
HTC,
Herbert
> --
> Tomasz Torcz RIP is irrevelant. Spoofing is futile.
> zdzichu@irc.-nie.spam-.pl Your routes will be aggreggated. -- Alex Yuriev
>
_______________________________________________
Containers mailing list
Containers@lists.osdl.org
https://lists.osdl.org/mailman/listinfo/containers
|
|
|
Re: Re: Network virtualization/isolation [message #16889 is a reply to message #16885] |
Sat, 09 December 2006 21:18 |
Mishin Dmitry
Messages: 112 Registered: February 2006
|
Senior Member |
|
|
On Saturday 09 December 2006 09:35, Herbert Poetzl wrote:
> On Fri, Dec 08, 2006 at 10:13:48PM -0800, Andrew Morton wrote:
> > On Sat, 9 Dec 2006 04:50:02 +0100
> > Herbert Poetzl <herbert@13thfloor.at> wrote:
> >
> > > On Fri, Dec 08, 2006 at 12:57:49PM -0700, Eric W. Biederman wrote:
> > > > Herbert Poetzl <herbert@13thfloor.at> writes:
> > > >
> > > > >> But, ok, it is not the real point to argue so much imho
> > > > >> and waste our time instead of doing things.
> > >
> > > > > well, IMHO better talk (and think) first, then implement
> > > > > something ... not the other way round, and then start
> > > > > fixing up the mess ...
> > > >
> > > > Well we need a bit of both.
> > >
> > > hmm, are 'we' in a hurry here?
> > >
> > > until recently, 'Linux' (mainline) didn't even want
> > > to hear about OS Level virtualization, now there
> > > is a rush to quickly get 'something' in, not knowing
> > > or caring if it is usable at all?
> >
> > It's actually happening quite gradually and carefully.
>
> hmm, I must have missed a testing phase for the
> IPC namespace then, not that I think it is broken
> (well, maybe it is, we do not know yet)
Herbert,
you know that this code is used in our product. And in its turn, our
product is tested internally and by a community. We have no reports about
bugs in this code. If you have to say more than just "something to say",
please, say it.
>
> > > I think there are a lot of 'potential users' for
> > > this kind of virtualization, and so 'we' can test
> > > almost all aspects outside of mainline, and once
> > > we know the stuff works as expected, then we can
> > > integrate it ...
> > >
> > > the UTS namespace was something 'we all' had already
> > > implemented in this (or a very similar) way, and in
> > > one or two interations, it should actually work as
> > > expected. nevertheless, it was one of the simplest
> > > spaces ...
> > >
> > > we do not yet know the details for the IPC namespace,
> > > as IPC is not that easy to check as UTS, and 'we'
> > > haven't gotten real world feedback on that yet ...
> >
> > We are very dependent upon all stakeholders including yourself
> > to review, test and comment upon this infrastructure as it is
> > proposed and merged. If something is proposed which will not
> > suit your requirements then it is important that we hear about
> > it, in detail, at the earliest possible time.
>
> okay, good to hear that I'm still considered a stakeholder
>
> will try to focus the feedback and cc as many folks
> as possible, as it seems that some feedback is lost
> on the way upstream ...
>
> best,
> Herbert
>
> > Thanks.
>
--
Thanks,
Dmitry.
_______________________________________________
Containers mailing list
Containers@lists.osdl.org
https://lists.osdl.org/mailman/listinfo/containers
|
|
|
Re: Re: Network virtualization/isolation [message #16890 is a reply to message #16885] |
Sat, 09 December 2006 22:34 |
|
Herbert Poetzl wrote:
> On Fri, Dec 08, 2006 at 10:13:48PM -0800, Andrew Morton wrote:
>
>>
>> It's actually happening quite gradually and carefully.
>>
>
> hmm, I must have missed a testing phase for the
> IPC namespace then, not that I think it is broken
> (well, maybe it is, we do not know yet)
>
>
You have announced at LKML that Linux-VServer now uses the stuff that
was merged in 2.6.19-rc1, haven't you? I suppose that means you are
using IPC namespaces from mainstream? Isn't that considered testing? Or
you don't test Linux-VServer? Please clarify, I'm a bit lost here.
Speaking of OpenVZ, as Kirill Korotaev said before we have backported
all that to 2.6.18 back in September and are using it since then. And
yes, we found a bug in IPC namespaces, and fix from Pavel Emelyanov has
made it to 2.6.19-rc5 (see commit
c7e12b838989b0e432c7a1cdf1e6c6fd936007f6 to linux-2.6-git).
_______________________________________________
Containers mailing list
Containers@lists.osdl.org
https://lists.osdl.org/mailman/listinfo/containers
|
|
|
Re: Re: Network virtualization/isolation [message #16891 is a reply to message #16890] |
Sun, 10 December 2006 02:21 |
Herbert Poetzl
Messages: 239 Registered: February 2006
|
Senior Member |
|
|
On Sun, Dec 10, 2006 at 01:34:14AM +0300, Kir Kolyshkin wrote:
> Herbert Poetzl wrote:
> >On Fri, Dec 08, 2006 at 10:13:48PM -0800, Andrew Morton wrote:
> >
> >>
> >>It's actually happening quite gradually and carefully.
> >>
> >
> >hmm, I must have missed a testing phase for the
> >IPC namespace then, not that I think it is broken
> >(well, maybe it is, we do not know yet)
> >
> You have announced at LKML that Linux-VServer now uses the
> stuff that was merged in 2.6.19-rc1, haven't you?
yes, correct, and we already fixed several issues
the changes caused, both in handling as well as
functionality
> I suppose that means you are using IPC namespaces from
> mainstream?
yes, we do
> Isn't that considered testing?
of course it is testing, but it is already in
mainstream, and for my part, I wasn't able to
provide feedback from testing yet ...
> Or you don't test Linux-VServer?
we do the same testing you folks do IIRC
(i.e. some secret test procedure which takes
roughly a week or so, after which we can tell
that everything works as expected :)
> Please clarify, I'm a bit lost here.
> Speaking of OpenVZ, as Kirill Korotaev said before we have
> backported all that to 2.6.18 back in September
nice, but what relevance has that for 2.6.19?
> and are using it since then.
cool, how much feedback regarding IPC did you get
since then?
> And yes, we found a bug in IPC namespaces, and fix from
> Pavel Emelyanov has made it to 2.6.19-rc5 (see commit
> c7e12b838989b0e432c7a1cdf1e6c6fd936007f6 to linux-2.6-git).
it's good that some bugs have been found, but
of what relevance is that for testing mainline
patches?
- typical linux users will only excercise a
small fraction of the new code, if at all
- virtualization solutions like OpenVZ and
Linux-VServer add their custom modifications
and/or adjustments, and serve a much smaller
userbase
- I haven't seen any test suites or similar
for the spaces
so it all boils down to waiting for somebody to
stumble over an issue, which then will get fixed
just that the number of folks testing that is
quite small compared to 'other' mainline pathes
anyway, originally I was just answering to an
email pushing for 'fast' inclusion, which I do
not consider a good idea (as I already stated)
best,
Herbert
_______________________________________________
Containers mailing list
Containers@lists.osdl.org
https://lists.osdl.org/mailman/listinfo/containers
|
|
|
Goto Forum:
Current Time: Thu Dec 05 15:13:37 GMT 2024
Total time taken to generate the page: 0.08039 seconds
|