Posted Sep 10, 2007 22:59 UTC (Mon) by kolyshkin
Parent article: KS2007: Containers
By the way, slides used for this session are available here.
An important milestone will be the incorporation of PID namespaces, which will make it possible to start actually playing with Linux containers. That code should, with luck, be merged before too long
(Most of) the PID namespaces code is already in the -mm tree.
It is, he says, a more general solution than OpenVZ
Yes, in the sense that one can use only parts of the container functionality (like only have a PID namespace, or a network namespace) -- which makes sense in some situations. Currently, the OpenVZ kernel only lets you use just some parts separately (like beancounters, or the fair CPU scheduler), and this is only from the kernel side -- user-level tools can only deal with "full scale" containers.
From the other side, checkpointing is only possible when a container is a closed object, so "half-containers" cannot be checkpointed.
So, how close are we to having a working container solution?
A big part here is resource management. The memory controller that is now in -mm is just the very beginning -- there is a whole lot more than RSS and page cache (from the other side, Pavel Emelyanov already sent a kernel memory controller patchset as an RFC). Group-based CFQ scheduling is not yet merged AFAIK. Group I/O scheduling (based on Jens Axboe's CFQ) will probably be sent for review soon; but scheduling delayed writes requires some dirty page tracking mechanism that only exists in OpenVZ for now (described in Pavel's paper), and a discussion of how to implement that for mainstream has not even started.
At the end -- there are a lot of issues to be solved, but given the latest progress, most of the functionality could be there in a year or so, so I more or less agree with your optimistic forecast. :)
When containers are ready, we can start work on checkpointing.