| |||||||||||||
Namespaces in operation, part 1: namespaces overviewNamespaces in operation, part 1: namespaces overviewPosted Jan 4, 2013 22:58 UTC (Fri) by Cyberax (✭ supporter ✭, #52523)In reply to: Namespaces in operation, part 1: namespaces overview by ebiederm Parent article: Namespaces in operation, part 1: namespaces overview
So how do they interact? Can I export a limited view of cgroups to a container?
(Log in to post comments)
Namespaces in operation, part 1: namespaces overview Posted Jan 5, 2013 6:39 UTC (Sat) by ebiederm (subscriber, #35028) [Link]
I though you were asking about how the controls interact with the namespaces at the implementation level of objects, and at that level they are orgothogonal.
As for taking a slice of a control group hierarchy and making it visible in a container the best practical solution I have heard is to do a "mount --bind" of a slice of that hierarchy into a container. Something better was promised at the time control groups were merged but that has never appeared.
The design mistake of embedding a view of the system packed with global identifiers and silly unwarranted assumptions into a filesystem seems to be an easy mistake to make and is very annoying to deal with.
From what little time I have had to look at the control group interface to user space, and the control group model of controlling resources, and the direction all of that is evolving I really don't like the result. Still today control groups are the best solution we have in linux today to the recursive resource limiting problem.
I encourage people who care to help by looking at control groups, reporting bugs and usability problems, and even better writing and submitting patches.
|
|||||||||||||