* Serge E. Hallyn <serue@xxxxxxxxxx> [2009-06-30 15:06:13]: > Quoting Balbir Singh (balbir@xxxxxxxxxxxxxxxxxx): > > On Tue, Jun 23, 2009 at 8:26 PM, Serge E. Hallyn<serue@xxxxxxxxxx> wrote: > > > A topic on ksummit agenda is 'containers end-game and how do we > > > get there'. > > > > > > So for starters, looking just at application (and system) containers, what do > > > the libvirt and liblxc projects want to see in kernel support that is currently > > > missing? Are there specific things that should be done soon to make containers > > > more useful and usable? > > > > > > More generally, the topic raises the question... what 'end-games' are there? > > > A few I can think of off-hand include: > > > > > > 1. resource control > > > > We intend to hold a io-controller minisummit before KS, we should have > > updates on that front. We also need to discuss CPU hard limits and > > Memory soft limits. We need control for memory large page, mlock, OOM > > notification support, shared page accounting, etc. Eventually on the > > libvirt front, we want to isolate cgroup and lxc support into > > individual components (long term) > > Thanks, Balbir. By the last sentence, are you talking about having > cgroup in its own libcgroup, or do you mean something else? > > On the topic of cgroups, does anyone not agree that we should try > to get rid of the ns cgroup, at least once user namespaces can > prevent root in a container from escaping their cgroup? > I would have no objections to trying to obsolete ns cgroup once user namespaces can do what you suggest. -- Balbir -- Libvir-list mailing list Libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list