From owner-freebsd-virtualization@FreeBSD.ORG Sat Nov 13 22:09:28 2010 Return-Path: Delivered-To: virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DCF231065675 for ; Sat, 13 Nov 2010 22:09:28 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from out-0.mx.aerioconnect.net (out-0-30.mx.aerioconnect.net [216.240.47.90]) by mx1.freebsd.org (Postfix) with ESMTP id BE84F8FC24 for ; Sat, 13 Nov 2010 22:09:28 +0000 (UTC) Received: from idiom.com (postfix@mx0.idiom.com [216.240.32.160]) by out-0.mx.aerioconnect.net (8.13.8/8.13.8) with ESMTP id oADM9RNR026888; Sat, 13 Nov 2010 14:09:27 -0800 X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (h-67-100-89-137.snfccasy.static.covad.net [67.100.89.137]) by idiom.com (Postfix) with ESMTP id 9867E2D6011; Sat, 13 Nov 2010 14:09:26 -0800 (PST) Message-ID: <4CDF0C99.5080201@freebsd.org> Date: Sat, 13 Nov 2010 14:09:29 -0800 From: Julian Elischer User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X 10.4; en-US; rv:1.9.2.12) Gecko/20101027 Thunderbird/3.1.6 MIME-Version: 1.0 To: "Bjoern A. Zeeb" References: <4CDEFC2D.4090908@freebsd.org> <20101113212800.O78896@maildrop.int.zabbadoz.net> In-Reply-To: <20101113212800.O78896@maildrop.int.zabbadoz.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.67 on 216.240.47.51 Cc: virtualization@freebsd.org Subject: Re: limitations on jail style virtualization X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 13 Nov 2010 22:09:28 -0000 On 11/13/10 1:30 PM, Bjoern A. Zeeb wrote: > On Sat, 13 Nov 2010, Julian Elischer wrote: > > Hi Julian, > >> We discussed this at MeetBSD last week and it woudl seem that the next >> big hurdle for virtualization would seem to be a good concept to allow >> jails to have virtual versions of various virtual devices.. >> >> for example >> >> pf has been virtualized (when IS that patch going to get >> committed?) but pfsync >> and pflog use special devices in /dev. >> >> similarly bpf uses /dev entries but the way they are used means >> they are still useful. >> >> so what happend when a device that is accessed from within a jail >> creates a cloning device? >> should it just turn up in the devfs for that jail? >> and should it be visible in other jails that happen to be sharing >> the same /dev? >> >> >> I have no preconceived ideas abot this. Just possibilities. >> >> should the cloning code work alongside a new devfs feature that >> would make >> 'per jail' entries? i.e. tun0 would be a different device >> depending on what jail >> you were in looking at the /dev? > > > For a discussion summary that sounds sparse unless it was only a short > brainstorming;-) Can you please elaborate on the "we" and other "use > cases" as this really sounds like a per-interface decision to me and > there might be work in progress from multiple people already. It was only a short discussion among "non developers" during a short breakout session. the session was "what is this VIMAGE/jails thing"? and was not a dev-summit meeting but an "introduction to vimage" for end users. During the discussion people were asking questions that they had. Some of the questions I could answer well but others resulted in discussions that ended up with things like, "we you could do that but that would require that you had a different /dev/pfsync for each jail, and we have no way to do that yet". I promised the group that after the meeting I would bring up the topic with other interested developers... so here we are.. > > /bz >