On Mon, 2012-04-09 at 12:21 -0400, bfields@xxxxxxxxxxxx wrote: > On Mon, Apr 09, 2012 at 04:17:06PM +0000, Myklebust, Trond wrote: > > On Mon, 2012-04-09 at 12:11 -0400, bfields@xxxxxxxxxxxx wrote: > > > On Mon, Apr 09, 2012 at 08:08:57PM +0400, Stanislav Kinsbursky wrote: > > > > 09.04.2012 19:27, Jeff Layton пишет: > > > > > > > > > >If you allow one container to hand out conflicting locks while another > > > > >container is allowing reclaims, then you can end up with some very > > > > >difficult to debug silent data corruption. That's the worst possible > > > > >outcome, IMO. We really need to actively keep people from shooting > > > > >themselves in the foot here. > > > > > > > > > >One possibility might be to only allow filesystems to be exported from > > > > >a single container at a time (and allow that to be overridable somehow > > > > >once we have a working active/active serving solution). With that, you > > > > >may be able limp along with a per-container grace period handling > > > > >scheme like you're proposing. > > > > > > > > > > > > > Ok then. Keeping people from shooting themselves here sounds reasonable. > > > > And I like the idea of exporting a filesystem only from once per > > > > network namespace. > > > > > > Unfortunately that's not going to get us very far, especially not in the > > > v4 case where we've got the common read-only pseudoroot that everyone > > > has to share. > > > > I don't see how that can work in cases where each container has its own > > private mount namespace. You're going to have to tie that pseudoroot to > > the mount namespace somehow. > > Sure, but in typical cases it'll still be shared; requiring that they > not be sounds like a severe limitation. I'd expect the typical case to be the non-shared namespace: the whole point of containers is to provide for complete isolation of processes. Usually that implies that you don't want them to be able to communicate via a shared filesystem. -- Trond Myklebust Linux NFS client maintainer NetApp Trond.Myklebust@xxxxxxxxxx www.netapp.com ��.n��������+%������w��{.n�����{��w���jg��������ݢj����G�������j:+v���w�m������w�������h�����٥