[RFC][patch 13/21] PID Virtualization: Documentation

From: Hubertus Franke
Date: Thu Dec 15 2005 - 09:39:18 EST

Next message: Hubertus Franke: "[RFC][patch 14/21] PID Virtualization: pidspace"
Previous message: Hubertus Franke: "[RFC][patch 16/21] PID Virtualization: container attach/detach calls"
In reply to: Hubertus Franke: "[RFC][patch 16/21] PID Virtualization: container attach/detach calls"
Next in thread: Hubertus Franke: "[RFC][patch 14/21] PID Virtualization: pidspace"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

First (incomplete) attempt of documentation
Signed-off-by: Hubertus Franke <frankeh@xxxxxxxxxxxxxx>
--

Documentation/pidvirtualization.txt | 64 ++++++++++++++++++++++++++++++++++++
1 files changed, 64 insertions(+)

Index: linux-2.6.15-rc1/Documentation/containers.txt
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
+++ linux-2.6.15-rc1/Documentation/containers.txt 2005-12-08 01:30:42.000000000 -0500
@@ -0,0 +1,64 @@
+This document describes the basics of the container
+
+Hubertus Franke <frankeh@xxxxxxxxxxxxxx>
+Serge E Hallyn <serue@xxxxxxxxxx>
+Cedric Legoater <clg@xxxxxxxxxx>
+
+Applications and associated processes can be containerized into
+"isolated" soft partitions. The goal is to make containers
+transparently migratable. To do so certain resources identifiers
+need to be virtualized.
+These includes
+ - pids, gids,
+ - SysV ids
+ - procfs
+Only resource belonging to a container can be accessed within
+the container.
+
+A "container" is created through a helper program <contexe>,
+that is supplied separately.
+A process moves itself to a container by writing
+the name of the container to create to /proc/container.
+Doing so makes the calling process the pseudo init process
+of the container.
+
+
+For example "contexe -j2 /bin/bash" spawns a bash within
+a new container <cont_2> and make the contexe process
+the containers virtual initproc.
+
+
+PID-VIRTUALIZATION:
+-------------------
+
+Let Process <A> be the currently running process ( e.g. bash with pid 913 )
+Each container has an associated pidspace id associated. Each pidspace
+id is managed like the standard pid range in linux.
+
+We obtain the following tree, where <pidspace | vpid > denotes the
+internal pid which is obtained by bitmasking.
+
+A some older bash < 0 | 913 >
+ |
+ \/
+B == contexe == < 0 | 1087 > ( also container->init_proc := A
+ container->init_pid := 1087
+ |
+ \/
+C == /bin/bash == < 1 | 2 >
+
+
+let's define the results here we are expecting.
+
+C in context of B: vpid = 2
+B in context of C: vpid = 1
+
+B in context of A: vpid = pid = 1087
+C in context of A: vpid = pid = < 1 | 2 >
+
+A in context of B: vpid = pid = 913
+A in context of C: vpid = -1
+
+< More to Follow >
+
+

--
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Hubertus Franke: "[RFC][patch 14/21] PID Virtualization: pidspace"
Previous message: Hubertus Franke: "[RFC][patch 16/21] PID Virtualization: container attach/detach calls"
In reply to: Hubertus Franke: "[RFC][patch 16/21] PID Virtualization: container attach/detach calls"
Next in thread: Hubertus Franke: "[RFC][patch 14/21] PID Virtualization: pidspace"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]