A topic on ksummit agenda is 'containers end-game and how do we get there'. So for starters, looking just at application (and system) containers, what do the libvirt and liblxc projects want to see in kernel support that is currently missing? Are there specific things that should be done soon to make containers more useful and usable? More generally, the topic raises the question... what 'end-games' are there? A few I can think of off-hand include: 1. resource control 2. lightweight virtual servers 3. (or 2.5) unprivileged containers/jail-on-steroids (lightweight virtual servers in which you might, just maybe, almost, be able to give away a root account, at least as much as you could do so with a kvm/qemu/xen partition) 4. checkpoint, restart, and migration For each end-game, what kernel pieces do we think are missing? For instance, people seem agreed that resource control needs io control :) Containers imo need a user namespace. I think there are quite a few network namespace exploiters who require sysfs directory tagging (or some equivalent) to allow us to migrate physical devices into network namespaces. And checkpoint/restart needs... checkpoint/restart. thanks, -serge -- Libvir-list mailing list Libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list