kernel level virtualisation requirements.

[James Gritton]

Julian Elischer wrote:

 > What I'd like to see is a bit of a 'a-la-carte' virtualisation
 > ability.
...
 > My question to you, the reader, is:
 > what aspects of virtualisation (the appearance of multiple instances
 > of some resource) would you like to see in the system?

Of course everything jail has now, and all the network bits that vimage 
offers.

CPU scheduling, in particular schedule the CPU first by jail, and then
by processes within jail.

Filesystem quotas, without the need for each jail to have its own mount 
point.

A lot of things that fall under the IPC category: UNIX domain sockets 
(part of
jail chroot I suppose), PTYs, tunnel devices, SYSV IPC, file locks.

Swap space and resident memory limits.


The sysctl mechanism seems a good way to declare jails as having one 
capability
or the other.  This would alleviate the need to keep updating the jail
structure when someone has a new idea, especially handy since the single
structure makes it very hard to work on more than one new idea at a time.

- Jamie