limitations on jail style virtualization
Bjoern A. Zeeb
bzeeb-lists at lists.zabbadoz.net
Sat Nov 13 21:30:07 UTC 2010
On Sat, 13 Nov 2010, Julian Elischer wrote:
Hi Julian,
> We discussed this at MeetBSD last week and it woudl seem that the next
> big hurdle for virtualization would seem to be a good concept to allow
> jails to have virtual versions of various virtual devices..
>
> for example
>
> pf has been virtualized (when IS that patch going to get committed?) but
> pfsync
> and pflog use special devices in /dev.
>
> similarly bpf uses /dev entries but the way they are used means they are
> still useful.
>
> so what happend when a device that is accessed from within a jail creates a
> cloning device?
> should it just turn up in the devfs for that jail?
> and should it be visible in other jails that happen to be sharing the same
> /dev?
>
>
> I have no preconceived ideas abot this. Just possibilities.
>
> should the cloning code work alongside a new devfs feature that would make
> 'per jail' entries? i.e. tun0 would be a different device depending on what
> jail
> you were in looking at the /dev?
For a discussion summary that sounds sparse unless it was only a short
brainstorming;-) Can you please elaborate on the "we" and other "use
cases" as this really sounds like a per-interface decision to me and
there might be work in progress from multiple people already.
/bz
--
Bjoern A. Zeeb Welcome a new stage of life.
<ks> Going to jail sucks -- <bz> All my daemons like it!
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/jails.html
More information about the freebsd-virtualization
mailing list