Cedric Le Goater <clg at fr.ibm.com> writes: > Herbert Poetzl wrote: >> >> resource (could be limits and/or accounting), >> lightweight-net, (maybe fs in contrast to vfs) > > I guess we're reaching the limits anyway and it would not leave much room > in the clone flags for other features not related to containers. > > It's not like we're adding one or two, we would take at least 6 : uts, ipc, > user, pid, net, time, etc. I'm sure ideas to extend the list will come when > this is in use ... I think the resource is possibly real, as at least ubc introduces a new set of global names, and yet another global namespace sucks. Something I now need to challenge the implementors on. If we do a lightweight net I don't think it will be a namespace. Because isolation does needs separate names, just some sort of filtering mechanism. I think being tight here is in some sense a virtue, as it forces us to think very carefully about adding yet another namespace :) Eric