Quoting Oren Laadan (orenl@xxxxxxxxxxxxxxx): > > > Serge E. Hallyn wrote: > > Quoting Oren Laadan (orenl@xxxxxxxxxxxxxxx): > >> > >> Serge E. Hallyn wrote: > >>> Quoting Oren Laadan (orenl@xxxxxxxxxxxxxxx): > >>>> Serge E. Hallyn wrote: > >>>>> A topic on ksummit agenda is 'containers end-game and how do we > >>>>> get there'. > >>>>> > >>>>> So for starters, looking just at application (and system) containers, what do > >>>>> the libvirt and liblxc projects want to see in kernel support that is currently > >>>>> missing? Are there specific things that should be done soon to make containers > >>>>> more useful and usable? > >>>>> > >>>>> More generally, the topic raises the question... what 'end-games' are there? > >>>>> A few I can think of off-hand include: > >>>>> > >>>>> 1. resource control > >>>>> 2. lightweight virtual servers > >>>>> 3. (or 2.5) unprivileged containers/jail-on-steroids > >>>>> (lightweight virtual servers in which you might, just > >>>>> maybe, almost, be able to give away a root account, at > >>>>> least as much as you could do so with a kvm/qemu/xen > >>>>> partition) > >>>>> 4. checkpoint, restart, and migration > >>>>> > >>>>> For each end-game, what kernel pieces do we think are missing? For instance, > >>>>> people seem agreed that resource control needs io control :) Containers imo > >>>>> need a user namespace. I think there are quite a few network namespace > >>>>> exploiters who require sysfs directory tagging (or some equivalent) to > >>>>> allow us to migrate physical devices into network namespaces. And > >>>>> checkpoint/restart needs... checkpoint/restart. > >>>> Heh ... it does need ... checkpoint/restart; and a few issues > >>>> which we should think about sometime -- > >>> Yup, these are all things we need to discuss. For some of them we might > >>> just need to flail about and code a few approaches until we figure out an > >>> answer, but then I think that everyone has thought about a few of these > >>> in some detail, so there probably is much we could gain from talking. > >>> > >>> ... Does this mean we should try to have a mini-summit in the next 6 > >>> months or so? I'd recommend having one right before kernel summit so > >>> we can get our act together, but getting everyone to tokyo to chat seems > >>> uneconomical :) It'd be good to chat about at least the first two items > >>> before the summit, though. > >>> > >> How about linux plumbers ? > > > > Well it seems like an appropriate place for it. Alas there is almost no chance > > of my being there, but let's hear a roll call - how many people (interested in > > checkpoint/restart) will be or can be at plumber's? > > > > I'm pretty sure Suka and Dave will be there. > > Seems like I can make it. Alexey, are you planning on being at the plumber's conf this year? -serge _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers
