kernel level virtualisation requirements.

Miroslav Lachman 000.fbsd at quip.cz
Sun Oct 14 06:29:12 PDT 2007 

Alexander Leidinger wrote:

> Quoting Miroslav Lachman <000.fbsd at quip.cz> (Sat, 13 Oct 2007 12:35:05 +0200):

[...]
>>It would be nice to have something from vserver, something from zones, 
>>from xen, from jails etc.
>> From my point of view:
>>
>>CPU limits - specified as relative part of shares (container can get 
>>more CPU power if CPU is not 100% loaded) or set to absolute (container 
>>can't get more than specified CPU power, so one can use it to test 
>>applications on slow CPUs etc.)
>>
>>Memory limits - same as CPU
>>
>>Disk - it would be nice if I can set how many disk space each container 
>>can use. (with similar interface as disk quotas - soft+hard limits and 
>>space+inodes). Maybe setting of disk I/O in similar style as CPU and 
>>memory limits above.
> 
> 
> You can have something like this already with zfs. Just for
> information, it doesn't mean we don't need to talk about this point.

I did not have enough time to play with FreeBSD 7 and ZFS. It is good to 
know we have it yet. :)

>>UIDs - independent UIDs in containers. In relation to UIDs, one can use 
>>disk quotas inside containers.
> 
> 
> Can you please clarify what you mean here? Are you talking about the
> current quota support and how it handles UIDs on the host? If your disk
> proposal above is implemented, I can imagine that the current quota
> stuff is independent from this and wouldn't need a decoupling from UIDs
> in a jail from the UIDs on the host.

Yes I was talking about current quota support na UIDs on host. If I have 
UID 1001 on host and UID 1001 in two jails on same mountpoint, current 
quotas can not be used. Or am I wrong?

>>Network bandwidth - same as CPU and memory
> 
> 
> We have this already with dummynet and/or pf, don't we?

OK, you are right, one can do this with dummynet or pf in simple jail 
config, but with hierarchical structer, multiple IPs etc. Will it be 
still usable? Maybe just implement some layer/utility to wrap around 
container (jail) settings and generate proper dummynet / pf rules will 
be enough.

Miroslav Lachman

More information about the freebsd-arch mailing list