From owner-freebsd-virtualization@FreeBSD.ORG Mon Jul 14 07:34:24 2008 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 37E20106564A for ; Mon, 14 Jul 2008 07:34:24 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outJ.internet-mail-service.net (outj.internet-mail-service.net [216.240.47.233]) by mx1.freebsd.org (Postfix) with ESMTP id 271128FC13 for ; Mon, 14 Jul 2008 07:34:23 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id BBB632339; Mon, 14 Jul 2008 00:34:24 -0700 (PDT) Received: from julian-mac.elischer.org (localhost [127.0.0.1]) by idiom.com (Postfix) with ESMTP id 48E7E2D601B; Mon, 14 Jul 2008 00:34:23 -0700 (PDT) Message-ID: <487B0129.5070000@elischer.org> Date: Mon, 14 Jul 2008 00:32:57 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.14 (Macintosh/20080421) MIME-Version: 1.0 To: freebsd-virtualization@freebsd.org, Marko Zec , James Gritton , Robert Watson , "Bjoern A. Zeeb" Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Subject: doc on porting code to Vimage slight updates. X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jul 2008 07:34:24 -0000 The file visible from http://perforce.freebsd.org/fileDownLoad.cgi?FSPC=//depot/projects/vimage/porting%5fto%5fvimage.txt has been updated to clarify a few points. more changes will come. From owner-freebsd-virtualization@FreeBSD.ORG Mon Jul 14 22:52:52 2008 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B7A861065671 for ; Mon, 14 Jul 2008 22:52:52 +0000 (UTC) (envelope-from jamie@gritton.org) Received: from gritton.org (gritton.org [161.58.222.4]) by mx1.freebsd.org (Postfix) with ESMTP id 8B7C88FC1A for ; Mon, 14 Jul 2008 22:52:52 +0000 (UTC) (envelope-from jamie@gritton.org) Received: from guppy.corp.verio.net (fw.oremut02.us.wh.verio.net [198.65.168.24]) (authenticated bits=0) by gritton.org (8.13.6.20060614/8.13.6) with ESMTP id m6EMqpT1019406 for ; Mon, 14 Jul 2008 16:52:51 -0600 (MDT) Message-ID: <487BD8BE.1040609@gritton.org> Date: Mon, 14 Jul 2008 16:52:46 -0600 From: James Gritton User-Agent: Thunderbird 2.0.0.9 (X11/20080228) MIME-Version: 1.0 To: freebsd-virtualization@freebsd.org Content-Type: multipart/mixed; boundary="------------070508040703010508000301" X-Virus-Scanned: ClamAV version 0.93, clamav-milter version 0.93 on gritton.org X-Virus-Status: Clean Subject: IFNET_WLOCK missing from if_reassign_common X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jul 2008 22:52:52 -0000 This is a multi-part message in MIME format. --------------070508040703010508000301 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit In testing jail_set_vimage, I found that moving a network interface cause a assertion failure in ifnet_setbyindex. It turns out that if_reassign_common in kern_vimage.c should be locking IFNET_WLOCK. I'm including a patch that locks it in the same way it's done in if_alloc (which seems to be the inspiration for much of this code). - Jamie --------------070508040703010508000301 Content-Type: text/plain; name="kern_vimage.diff" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="kern_vimage.diff" --- ov/src/sys/kern/kern_vimage.c Wed Jul 9 14:14:03 2008 +++ src/sys/kern/kern_vimage.c Mon Jul 14 16:44:18 2008 @@ -283,10 +283,12 @@ do { INIT_VNET_NET(curvnet); + IFNET_WLOCK(); ifnet_setbyindex(ifp->if_index, NULL); /* XXX: should be locked with if_findindex() */ while (V_if_index > 0 && ifnet_byindex(V_if_index) == NULL) V_if_index--; + IFNET_WUNLOCK(); } while (0); CURVNET_SET_QUIET(new_vnet); @@ -309,7 +311,9 @@ V_if_index = ifp->if_index; if (V_if_index >= V_if_indexlim) if_grow(); + IFNET_WLOCK(); ifnet_setbyindex(ifp->if_index, ifp); + IFNET_WUNLOCK(); /* Rename the ifnet */ if (new_vnet == ifp->if_home_vnet) { --------------070508040703010508000301-- From owner-freebsd-virtualization@FreeBSD.ORG Mon Jul 14 23:10:26 2008 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E295B106564A for ; Mon, 14 Jul 2008 23:10:26 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outM.internet-mail-service.net (outm.internet-mail-service.net [216.240.47.236]) by mx1.freebsd.org (Postfix) with ESMTP id D95EB8FC21 for ; Mon, 14 Jul 2008 23:10:26 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id C05CC242F; Mon, 14 Jul 2008 16:10:31 -0700 (PDT) Received: from julian-mac.elischer.org (localhost [127.0.0.1]) by idiom.com (Postfix) with ESMTP id 0991B2D601B; Mon, 14 Jul 2008 16:10:25 -0700 (PDT) Message-ID: <487BDC7A.8040606@elischer.org> Date: Mon, 14 Jul 2008 16:08:42 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.14 (Macintosh/20080421) MIME-Version: 1.0 To: James Gritton References: <487BD8BE.1040609@gritton.org> In-Reply-To: <487BD8BE.1040609@gritton.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-virtualization@freebsd.org Subject: Re: IFNET_WLOCK missing from if_reassign_common X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jul 2008 23:10:27 -0000 James Gritton wrote: > In testing jail_set_vimage, I found that moving a network interface > cause a assertion failure in ifnet_setbyindex. It turns out that > if_reassign_common in kern_vimage.c should be locking IFNET_WLOCK. I'm > including a patch that locks it in the same way it's done in if_alloc > (which seems to be the inspiration for much of this code). > > - Jamie cool, Jamie, do you want (write) access to the actual vimage tree in p4? > > > ------------------------------------------------------------------------ > > _______________________________________________ > freebsd-virtualization@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization > To unsubscribe, send any mail to "freebsd-virtualization-unsubscribe@freebsd.org" From owner-freebsd-virtualization@FreeBSD.ORG Mon Jul 14 23:13:23 2008 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C8CEC1065677 for ; Mon, 14 Jul 2008 23:13:23 +0000 (UTC) (envelope-from jamie@gritton.org) Received: from gritton.org (gritton.org [161.58.222.4]) by mx1.freebsd.org (Postfix) with ESMTP id 9B8318FC1B for ; Mon, 14 Jul 2008 23:13:23 +0000 (UTC) (envelope-from jamie@gritton.org) Received: from guppy.corp.verio.net (fw.oremut02.us.wh.verio.net [198.65.168.24]) (authenticated bits=0) by gritton.org (8.13.6.20060614/8.13.6) with ESMTP id m6ENDJhZ021854; Mon, 14 Jul 2008 17:13:19 -0600 (MDT) Message-ID: <487BDD8A.9060300@gritton.org> Date: Mon, 14 Jul 2008 17:13:14 -0600 From: James Gritton User-Agent: Thunderbird 2.0.0.9 (X11/20080228) MIME-Version: 1.0 To: Julian Elischer References: <487BD8BE.1040609@gritton.org> <487BDC7A.8040606@elischer.org> In-Reply-To: <487BDC7A.8040606@elischer.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV version 0.93, clamav-milter version 0.93 on gritton.org X-Virus-Status: Clean Cc: freebsd-virtualization@freebsd.org Subject: Re: IFNET_WLOCK missing from if_reassign_common X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jul 2008 23:13:23 -0000 Sure - hopefully the soon to be announced jail_set changes for vimage will be pronounced acceptable, and then I can merge them in. - Jamie Julian Elischer wrote: > James Gritton wrote: >> In testing jail_set_vimage, I found that moving a network interface >> cause a assertion failure in ifnet_setbyindex. It turns out that >> if_reassign_common in kern_vimage.c should be locking IFNET_WLOCK. >> I'm including a patch that locks it in the same way it's done in >> if_alloc (which seems to be the inspiration for much of this code). >> >> - Jamie > > cool, > > Jamie, do you want (write) access to the actual vimage tree in p4? From owner-freebsd-virtualization@FreeBSD.ORG Mon Jul 14 23:46:23 2008 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 66F1A106566C for ; Mon, 14 Jul 2008 23:46:23 +0000 (UTC) (envelope-from jamie@gritton.org) Received: from gritton.org (gritton.org [161.58.222.4]) by mx1.freebsd.org (Postfix) with ESMTP id 20DC48FC21 for ; Mon, 14 Jul 2008 23:46:22 +0000 (UTC) (envelope-from jamie@gritton.org) Received: from guppy.corp.verio.net (fw.oremut02.us.wh.verio.net [198.65.168.24]) (authenticated bits=0) by gritton.org (8.13.6.20060614/8.13.6) with ESMTP id m6ENkL87025338 for ; Mon, 14 Jul 2008 17:46:22 -0600 (MDT) Message-ID: <487BE548.3050500@gritton.org> Date: Mon, 14 Jul 2008 17:46:16 -0600 From: James Gritton User-Agent: Thunderbird 2.0.0.9 (X11/20080228) MIME-Version: 1.0 To: freebsd-virtualization@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV version 0.93, clamav-milter version 0.93 on gritton.org X-Virus-Status: Clean Subject: jail_set_vimage - Vimage under new jails X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jul 2008 23:46:23 -0000 I've finished the merge of jail_set and Vimage. This uses the name-based jails instead of the jail-similar vimage frameworks, with Vimage's VNET stuff being enabled in a jail with the "vnet" parameter (in this scenario, it's optional whether a jail has its own network stack or just inherits its parent's). Once such a jail is set up, it behaves in the same way as a vimage does, as far as the network stack separation goes. The only difference is in administration, which uses the jail framework. In addition to the main changes of moving vnet from struct vimage to a prison service, some related changes are: * Future-compat hooks for the vprocg and vcpu stuff has been removed - when such stuff is added, it would belong under the jail umbrella. This means that the three subsystems V_NET, V_PROCG, and V_CPU are reduced to one subsystem V_VNET, which actually amounts to no subsystems at all anymore. * The IMUNES_SYMLINK_HACK has gone away, though I suppose it could come back. * The V_hostname (and G_hostname and *_domainname) stuff has been removed, in favor of the way jail_set handles virtual hostnames. * The jail_set userspace changes to jail programs have been added. * The vimage program has been superseded by the vifmove program. It uses a struct vifmovereq, which replaces the obsolete struct vi_req. * Some other bits I mentioned (simpler sysctls and a locking fix) have found their way in. Probably also some other bits I haven't mentioned. The VNET modularization is still that way it was. While vnet has become a prison service, essentially a jail module, the network modules that plug in to vnet know nothing of the jail situation, and remain VNET modules. The vnet pointers still live in interfaces, sockets, threads, wherever they used to be. The places that had vimage pointers now have prison pointers, but there weren't very many of those. This is in the perforce tree //depot/user/jamie/jail_set_vimage, and a patch is at http://gritton.org/jail_set_vimage.diff. This is my vision of the future direction of Vimage, and of course I hope it becomes "the" vision. In other words: Marko and Julian, give it a try and let me know what you think. - Jamie From owner-freebsd-virtualization@FreeBSD.ORG Tue Jul 15 00:12:59 2008 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5B6FE106567D for ; Tue, 15 Jul 2008 00:12:59 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outP.internet-mail-service.net (outp.internet-mail-service.net [216.240.47.239]) by mx1.freebsd.org (Postfix) with ESMTP id 4EA0A8FC18 for ; Tue, 15 Jul 2008 00:12:59 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id CBB1721F4; Mon, 14 Jul 2008 17:13:18 -0700 (PDT) Received: from julian-mac.elischer.org (localhost [127.0.0.1]) by idiom.com (Postfix) with ESMTP id F19CF2D6016; Mon, 14 Jul 2008 17:12:57 -0700 (PDT) Message-ID: <487BEB21.6040407@elischer.org> Date: Mon, 14 Jul 2008 17:11:13 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.14 (Macintosh/20080421) MIME-Version: 1.0 To: James Gritton References: <487BE548.3050500@gritton.org> In-Reply-To: <487BE548.3050500@gritton.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Marko Zec , freebsd-virtualization@freebsd.org Subject: Re: jail_set_vimage - Vimage under new jails X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2008 00:12:59 -0000 James Gritton wrote: > I've finished the merge of jail_set and Vimage. This uses the > name-based jails instead of the jail-similar vimage frameworks, with > Vimage's VNET stuff being enabled in a jail with the "vnet" parameter > (in this scenario, it's optional whether a jail has its own network > stack or just inherits its parent's). Once such a jail is set up, it > behaves in the same way as a vimage does, as far as the network stack > separation goes. The only difference is in administration, which uses > the jail framework. > > In addition to the main changes of moving vnet from struct vimage to a > prison service, some related changes are: > > * Future-compat hooks for the vprocg and vcpu stuff has been removed - > when such stuff is added, it would belong under the jail umbrella. > This means that the three subsystems V_NET, V_PROCG, and V_CPU are > reduced to one subsystem V_VNET, which actually amounts to no > subsystems at all anymore. > * The IMUNES_SYMLINK_HACK has gone away, though I suppose it could > come back. > * The V_hostname (and G_hostname and *_domainname) stuff has been > removed, in favor of the way jail_set handles virtual hostnames. > * The jail_set userspace changes to jail programs have been added. > * The vimage program has been superseded by the vifmove program. It > uses a struct vifmovereq, which replaces the obsolete struct vi_req. > * Some other bits I mentioned (simpler sysctls and a locking fix) have > found their way in. Probably also some other bits I haven't > mentioned. > > The VNET modularization is still that way it was. While vnet has > become a prison service, essentially a jail module, the network > modules that plug in to vnet know nothing of the jail situation, and > remain VNET modules. The vnet pointers still live in interfaces, > sockets, threads, wherever they used to be. The places that had > vimage pointers now have prison pointers, but there weren't very many > of those. > > This is in the perforce tree //depot/user/jamie/jail_set_vimage, and a > patch is at http://gritton.org/jail_set_vimage.diff. > > This is my vision of the future direction of Vimage, and of course I hope > it becomes "the" vision. In other words: Marko and Julian, give it a try > and let me know what you think. This is cool stuff.. You have no idea how good it is to have other people looking at the Vimage code with fresh eyes and thoughts. Vimage importation was delayed for a number of reasons, some technical as people brought up issues, but ONE of them was I saw this on the side and after thinking about our talk at BSDCan I thought it would be better to see what came from it. (Also because both Marko and I ran out of hours for awhile while $LIFE intervened in one way or another. It was pointed out at BSDCan that "BSD Jails" is a kind of "unofficial trade name" that BSD has that is well known and respected and that keeping The "Jail" name maybe with "new and improved, now with 'VNET' support for whiter whites" might be a smart move from the PR point of view. One question I have is to do with Jails in general. There are a lot of other patches floating around with jails features. How many of those patches are going to be incorporated? Julian > > - Jamie > _______________________________________________ > freebsd-virtualization@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization > To unsubscribe, send any mail to > "freebsd-virtualization-unsubscribe@freebsd.org" From owner-freebsd-virtualization@FreeBSD.ORG Tue Jul 15 00:15:04 2008 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5A5F6106566B for ; Tue, 15 Jul 2008 00:15:04 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outK.internet-mail-service.net (outk.internet-mail-service.net [216.240.47.234]) by mx1.freebsd.org (Postfix) with ESMTP id 4D0908FC0A for ; Tue, 15 Jul 2008 00:15:04 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id 038D12472; Mon, 14 Jul 2008 17:15:05 -0700 (PDT) Received: from julian-mac.elischer.org (localhost [127.0.0.1]) by idiom.com (Postfix) with ESMTP id 9E6652D601A; Mon, 14 Jul 2008 17:15:03 -0700 (PDT) Message-ID: <487BEB9F.3000502@elischer.org> Date: Mon, 14 Jul 2008 17:13:19 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.14 (Macintosh/20080421) MIME-Version: 1.0 To: James Gritton References: <487BE548.3050500@gritton.org> <487BEB21.6040407@elischer.org> In-Reply-To: <487BEB21.6040407@elischer.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Marko Zec , freebsd-virtualization@freebsd.org Subject: Re: jail_set_vimage - Vimage under new jails X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2008 00:15:04 -0000 Julian Elischer wrote: > James Gritton wrote: >> I've finished the merge of jail_set and Vimage. This uses the >> name-based jails instead of the jail-similar vimage frameworks, with >> Vimage's VNET stuff being enabled in a jail with the "vnet" parameter >> (in this scenario, it's optional whether a jail has its own network >> stack or just inherits its parent's). Once such a jail is set up, it >> behaves in the same way as a vimage does, as far as the network stack >> separation goes. The only difference is in administration, which uses >> the jail framework. I liked the hierarchical feature of the vimage system. when you say "name based", do you mean the code you refer to is not hierarchical? >> >> In addition to the main changes of moving vnet from struct vimage to a >> prison service, some related changes are: >> >> * Future-compat hooks for the vprocg and vcpu stuff has been removed - >> when such stuff is added, it would belong under the jail umbrella. >> This means that the three subsystems V_NET, V_PROCG, and V_CPU are >> reduced to one subsystem V_VNET, which actually amounts to no >> subsystems at all anymore. >> * The IMUNES_SYMLINK_HACK has gone away, though I suppose it could >> come back. >> * The V_hostname (and G_hostname and *_domainname) stuff has been >> removed, in favor of the way jail_set handles virtual hostnames. >> * The jail_set userspace changes to jail programs have been added. >> * The vimage program has been superseded by the vifmove program. It >> uses a struct vifmovereq, which replaces the obsolete struct vi_req. >> * Some other bits I mentioned (simpler sysctls and a locking fix) have >> found their way in. Probably also some other bits I haven't >> mentioned. >> >> The VNET modularization is still that way it was. While vnet has >> become a prison service, essentially a jail module, the network >> modules that plug in to vnet know nothing of the jail situation, and >> remain VNET modules. The vnet pointers still live in interfaces, >> sockets, threads, wherever they used to be. The places that had >> vimage pointers now have prison pointers, but there weren't very many >> of those. >> >> This is in the perforce tree //depot/user/jamie/jail_set_vimage, and a >> patch is at http://gritton.org/jail_set_vimage.diff. >> >> This is my vision of the future direction of Vimage, and of course I hope >> it becomes "the" vision. In other words: Marko and Julian, give it a try >> and let me know what you think. > > This is cool stuff.. > > You have no idea how good it is to have other people looking at > the Vimage code with fresh eyes and thoughts. > > Vimage importation was delayed for a number of reasons, some technical > as people brought up issues, but ONE of them was I saw this on the > side and after thinking about our talk at BSDCan I thought it would > be better to see what came from it. (Also because both Marko and > I ran out of hours for awhile while $LIFE intervened in one way > or another. > > It was pointed out at BSDCan that "BSD Jails" is a kind of > "unofficial trade name" that BSD has that is well known and > respected and that keeping The "Jail" name maybe with > "new and improved, now with 'VNET' support for whiter whites" > might be a smart move from the PR point of view. > > One question I have is to do with Jails in general. > There are a lot of other patches floating around with > jails features. How many of those patches are going to be > incorporated? > > Julian > > > > > > >> >> - Jamie >> _______________________________________________ >> freebsd-virtualization@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization >> To unsubscribe, send any mail to >> "freebsd-virtualization-unsubscribe@freebsd.org" > > _______________________________________________ > freebsd-virtualization@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization > To unsubscribe, send any mail to > "freebsd-virtualization-unsubscribe@freebsd.org" From owner-freebsd-virtualization@FreeBSD.ORG Tue Jul 15 00:22:42 2008 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8FCA11065674 for ; Tue, 15 Jul 2008 00:22:42 +0000 (UTC) (envelope-from jamie@gritton.org) Received: from gritton.org (gritton.org [161.58.222.4]) by mx1.freebsd.org (Postfix) with ESMTP id 6329E8FC15 for ; Tue, 15 Jul 2008 00:22:42 +0000 (UTC) (envelope-from jamie@gritton.org) Received: from guppy.corp.verio.net (fw.oremut02.us.wh.verio.net [198.65.168.24]) (authenticated bits=0) by gritton.org (8.13.6.20060614/8.13.6) with ESMTP id m6F0MeRb029509; Mon, 14 Jul 2008 18:22:40 -0600 (MDT) Message-ID: <487BEDCA.8090705@gritton.org> Date: Mon, 14 Jul 2008 18:22:34 -0600 From: James Gritton User-Agent: Thunderbird 2.0.0.9 (X11/20080228) MIME-Version: 1.0 To: freebsd-virtualization@freebsd.org References: <487BE548.3050500@gritton.org> <487BEB21.6040407@elischer.org> <487BEB9F.3000502@elischer.org> In-Reply-To: <487BEB9F.3000502@elischer.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV version 0.93, clamav-milter version 0.93 on gritton.org X-Virus-Status: Clean Cc: Julian Elischer Subject: Re: jail_set_vimage - Vimage under new jails X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2008 00:22:42 -0000 These jails are hierarchical. The "named-based" I refer to is the extensibility, where new named parameters can be set in the jail_set system call, rather than relying on a fixed structure. Perhaps I should just say "extensible" instead. - Jamie Julian Elischer wrote: >> James Gritton wrote: >> I've finished the merge of jail_set and Vimage. This uses the >> name-based jails instead of the jail-similar vimage frameworks, with >> Vimage's VNET stuff being enabled in a jail with the "vnet" parameter >> (in this scenario, it's optional whether a jail has its own network >> stack or just inherits its parent's). Once such a jail is set up, it >> behaves in the same way as a vimage does, as far as the network stack >> separation goes. The only difference is in administration, which uses >> the jail framework. > > I liked the hierarchical feature of the vimage system. > when you say "name based", do you mean the code you refer to is > not hierarchical? From owner-freebsd-virtualization@FreeBSD.ORG Tue Jul 15 01:39:25 2008 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 078071065672 for ; Tue, 15 Jul 2008 01:39:25 +0000 (UTC) (envelope-from jamie@gritton.org) Received: from gritton.org (gritton.org [161.58.222.4]) by mx1.freebsd.org (Postfix) with ESMTP id CCA928FC19 for ; Tue, 15 Jul 2008 01:39:24 +0000 (UTC) (envelope-from jamie@gritton.org) Received: from glorfindel.gritton.org (c-76-27-80-223.hsd1.ut.comcast.net [76.27.80.223]) (authenticated bits=0) by gritton.org (8.13.6.20060614/8.13.6) with ESMTP id m6F1dNWt037652 for ; Mon, 14 Jul 2008 19:39:23 -0600 (MDT) Message-ID: <487BFFCA.4090105@gritton.org> Date: Mon, 14 Jul 2008 19:39:22 -0600 From: James Gritton User-Agent: Thunderbird 2.0.0.9 (X11/20080228) MIME-Version: 1.0 To: freebsd-virtualization@freebsd.org References: <487BE548.3050500@gritton.org> <487BEB21.6040407@elischer.org> In-Reply-To: <487BEB21.6040407@elischer.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV version 0.93, clamav-milter version 0.93 on gritton.org X-Virus-Status: Clean Subject: Re: jail_set_vimage - Vimage under new jails X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2008 01:39:25 -0000 I'd like to have "jail_set versions" of a lot of what's out there - certainly what's being currently worked on. My next target is Bjoern Zeeb's multi-ip/no-ip/ipv6 extension (actually, I've got no-ip already). But I don't want to turn it all into one grand jail_set patch without buy-in, as I don't know which patches have what kind of support. Some things like vimage work well as prison services, using the provided jail layering and remaining their own separate things. But most of the jail patches are extensions to the base jail stuff itself, and would make more sense to just add to the existing jail code. Some of these changes re-appear in different forms in different patches. - Jamie Julian Elischer wrote: > One question I have is to do with Jails in general. > There are a lot of other patches floating around with > jails features. How many of those patches are going to be > incorporated? From owner-freebsd-virtualization@FreeBSD.ORG Tue Jul 15 11:35:08 2008 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AB1401065679 for ; Tue, 15 Jul 2008 11:35:08 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mail.cksoft.de (mail.cksoft.de [62.111.66.27]) by mx1.freebsd.org (Postfix) with ESMTP id 5352A8FC18 for ; Tue, 15 Jul 2008 11:35:08 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from localhost (amavis.str.cksoft.de [192.168.74.71]) by mail.cksoft.de (Postfix) with ESMTP id B949A41C650; Tue, 15 Jul 2008 13:35:06 +0200 (CEST) X-Virus-Scanned: amavisd-new at cksoft.de Received: from mail.cksoft.de ([62.111.66.27]) by localhost (amavis.str.cksoft.de [192.168.74.71]) (amavisd-new, port 10024) with ESMTP id JGl6zh+lGKFD; Tue, 15 Jul 2008 13:35:06 +0200 (CEST) Received: by mail.cksoft.de (Postfix, from userid 66) id 5F94D41C63C; Tue, 15 Jul 2008 13:35:06 +0200 (CEST) Received: from maildrop.int.zabbadoz.net (maildrop.int.zabbadoz.net [10.111.66.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.int.zabbadoz.net (Postfix) with ESMTP id 6A8FA44487F; Tue, 15 Jul 2008 11:32:20 +0000 (UTC) Date: Tue, 15 Jul 2008 11:32:19 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@maildrop.int.zabbadoz.net To: James Gritton In-Reply-To: <487BFFCA.4090105@gritton.org> Message-ID: <20080715111109.K57089@maildrop.int.zabbadoz.net> References: <487BE548.3050500@gritton.org> <487BEB21.6040407@elischer.org> <487BFFCA.4090105@gritton.org> X-OpenPGP-Key: 0x14003F198FEFA3E77207EE8D2B58B8F83CCF1842 MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-virtualization@freebsd.org Subject: Re: jail_set_vimage - Vimage under new jails X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2008 11:35:08 -0000 On Mon, 14 Jul 2008, James Gritton wrote: Hi, > Julian Elischer wrote: >> One question I have is to do with Jails in general. >> There are a lot of other patches floating around with >> jails features. How many of those patches are going to be >> incorporated? I am aware of one, mostly to be able to MFC it to 7. For more see http://wiki.freebsd.org/Jails which is a good overview but also has to be read with a pinch of salt for some items. > I'd like to have "jail_set versions" of a lot of what's out there - certainly > what's being currently worked on. My next target is Bjoern Zeeb's > multi-ip/no-ip/ipv6 extension (actually, I've got no-ip already). But I > don't want to turn it all into one grand jail_set patch without buy-in, as I > don't know which patches have what kind of support. I'll reply to your other private mail on how we can do that later today. > Some things like vimage work well as prison services, using the provided jail > layering and remaining their own separate things. But most of the jail Remaining separate things sounds very good to me; I was a bit worried before that too tight integration might happen. > patches are extensions to the base jail stuff itself, and would make more > sense to just add to the existing jail code. Some of these changes re-appear > in different forms in different patches. For prison services, there are possible bugs in the current implementation as is once there will be more than one serivce. Pawel said he had a rewrite (or something) in p4 already with his ZFS work. /bz -- Bjoern A. Zeeb Stop bit received. Insert coin for new game. From owner-freebsd-virtualization@FreeBSD.ORG Wed Jul 16 11:09:58 2008 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 30863106566B for ; Wed, 16 Jul 2008 11:09:58 +0000 (UTC) (envelope-from zec@icir.org) Received: from xaqua.tel.fer.hr (xaqua.tel.fer.hr [161.53.19.25]) by mx1.freebsd.org (Postfix) with ESMTP id E85CA8FC1D for ; Wed, 16 Jul 2008 11:09:57 +0000 (UTC) (envelope-from zec@icir.org) Received: by xaqua.tel.fer.hr (Postfix, from userid 20006) id B797B9B651; Wed, 16 Jul 2008 13:09:56 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.1.7 (2006-10-05) on xaqua.tel.fer.hr X-Spam-Level: X-Spam-Status: No, score=-4.3 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham version=3.1.7 Received: from [192.168.200.110] (zec2.tel.fer.hr [161.53.19.79]) by xaqua.tel.fer.hr (Postfix) with ESMTP id BF30D9B644; Wed, 16 Jul 2008 13:09:51 +0200 (CEST) From: Marko Zec To: freebsd-virtualization@freebsd.org Date: Wed, 16 Jul 2008 13:09:49 +0200 User-Agent: KMail/1.9.7 References: <487787CC.6020302@gritton.org> In-Reply-To: <487787CC.6020302@gritton.org> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-2" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200807161309.49269.zec@icir.org> Cc: Subject: Re: Simpler Vimage sysctls X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2008 11:09:58 -0000 On Friday 11 July 2008 18:18:20 James Gritton wrote: > While working on combining jail_set and Vimage, I found that the > sysctl virtualization hacks were more complicated than they needed to > be. > > The extra "subs" and "mod" arguments in SYSCTL_HANDLER_V_ARGS don't > need to be explicitly passed because they're members of the > sysctl_v_oid structure passed in the oidp argument. By using > oidp->oid_v_subs instead of subs (and same for mod), > SYSCTL_HANDLER_V_ARGS becomes the same as SYSCTL_HANDLER_ARGS, and no > longer need to be defined. > > With the handlers now taking the same arguments, the sysctl_oid and > sysctl_v_oid structures become identical and sysctl_v_oid can go > away. > > Unrelated to this is the various SYSCTL_V_XXX macros that refer to > either SYSCTL_V_OID or SYSCTL_OID depending on the VIMAGE define. > Since SYSCTL_V_OID already reduces to SYSCTL_OID if VIMAGE is > undefined, those further switches are unnecessary. > > I'm including a diff that trims all this away, while keeping the same > functionality. > > - Jamie Good catch, thanks! I just submitted a slightly modified version of your patch to p4/vimage branch, which allows for this to work with both options VIMAGE and nooptions VIMAGE configurations -> SYSCTL_V_* macros need to automatically fall back to their "plain" SYSCTL_* counterparts for nooptions VIMAGE builds. In retrospect, I really cannot recall why I introduced this SYSCTL_HANDLER_V_ARGS special casing in the first place, besides perhaps having it as an explicit reminder that in functions acting as handlers for virtualized objects, it is required to look up and dereference the address of such object in the appropriate resource container structure, which can / must be accomplished via SYSCTL_RESOLVE_V_ARG1() macro. Thanks, Marko