On Sat, Mar 01, 2014 at 02:58:41PM +0530, Kashyap Chamarthy wrote: > On Fri, Feb 28, 2014 at 02:56:52PM +0100, drago01 wrote: > > On Fri, Feb 28, 2014 at 2:43 PM, Stephen Gallagher <sgallagh@xxxxxxxxxx> wrote: > > [. . .] > > > SELinux working with it now. > > <mclasen> dargo01: I think that statement may be evolving ? > > <sgallagh> And Docker is moving to systemd-nspawn and away from lxc > > <mclasen> but certainly valuable to raise the question on the list, > > and see if lennart, dan or dan want to chime in > > <drago01> sgallagh: "Note that even though these security precautions > > are taken systemd-nspawn is not suitable for secure container setups. > > Many of the security features may be circumvented and are hence > > primarily useful to avoid accidental changes to the host system from > > the container. The intended use of this program is debugging and > > testing as well as building of packages, distributions and software > > involved with boot and systems mana > > <drago01> gement." [1] > > Just to note - recently I did a test to compile libguestfs in a > `systemd-nspawn` container. Details here[1] > > A single `make` job timing to compile everything on a systemd-nspawn: > > real 31m9.792s > user 17m18.359s > sys 13m17.868s > > For comparison, on the _host_, the same single `make` job timing: > > real 13m41.440s > user 13m5.816s > sys 1m9.911s These results don't make much sense to me. I would expect make to take a similar time on both. Do you have a proxy/cache that could be caching the RPMs that yumdownloader fetches during the build? Did you do the second build in the same directory as the first build? 'make clean' intentionally doesn't clean up some things like the appliance and test images which require lengthy rebuilds. You have to use 'make maintainer-clean' or 'make distclean' instead. libguestfs make (and especially 'make check') is a good stress-test, but it's too complicated and irreproducible to be a good benchmark. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones virt-df lists disk usage of guests without needing to install any software inside the virtual machine. Supports Linux and Windows. http://people.redhat.com/~rjones/virt-df/ -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
