From: James Gritton
Date: Fri, 12 Oct 2007 13:54:04 -0600
To: arch@freebsd.org
Cc: Marko Zec, Julian Elischer
Subject: Re: kernel level virtualisation requirements.
Message-ID: <470FD0DC.5080503@gritton.org>
In-Reply-To: <470E5BFB.4050903@elischer.org>

Julian Elischer wrote:
> What I'd like to see is a bit of a 'a-la-carte' virtualisation
> ability.
...
> My question to you, the reader, is:
> what aspects of virtualisation (the appearance of multiple instances
> of some resource) would you like to see in the system?

Of course everything jail has now, and all the network bits that vimage offers.

CPU scheduling, in particular schedule the CPU first by jail, and then by processes within jail.

Filesystem quotas, without the need for each jail to have its own mount point.

A lot of things that fall under the IPC category: UNIX domain sockets (part of jail chroot I suppose), PTYs, tunnel devices, SYSV IPC, file locks.

Swap space and resident memory limits.

The sysctl mechanism seems a good way to declare jails as having one capability or the other. This would alleviate the need to keep updating the jail structure when someone has a new idea, especially handy since the single structure makes it very hard to work on more than one new idea at a time.

- Jamie