From owner-freebsd-net@FreeBSD.ORG Mon May 26 09:54:12 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 520C437B401; Mon, 26 May 2003 09:54:12 -0700 (PDT) Received: from premijer.tel.fer.hr (premijer.tel.fer.hr [161.53.19.221]) by mx1.FreeBSD.org (Postfix) with ESMTP id A552A43F85; Mon, 26 May 2003 09:54:11 -0700 (PDT) (envelope-from zec@tel.fer.hr) Received: from tel.fer.hr (unknown [161.53.243.135]) by premijer.tel.fer.hr (Postfix) with ESMTP id BA3E813C4; Mon, 26 May 2003 18:53:51 +0200 (MET DST) Message-ID: <3ED246AC.483FE6F4@tel.fer.hr> Date: Mon, 26 May 2003 18:54:04 +0200 From: Marko Zec X-Mailer: Mozilla 4.8 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: Jordan K Hubbard References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit cc: hackers@freebsd.org cc: net@freebsd.org Subject: Re: Network stack cloning / virtualization patches X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 May 2003 16:54:12 -0000 Jordan K Hubbard wrote: > On Sunday, May 25, 2003, at 05:18 PM, Marko Zec wrote: > > > So, I'd certainly like to virtualize more system resources and make > > virtual images as independent from each other as possible, but they > > will always > > have to share the same kernel. > > That's actually what I was talking about - my comparison to what IBM's > done may have been a bad example since, as you say, they've virtualized > the hardware in true IBM (shades of VM) fashion. I think that's > actually overkill for many usage scenarios since all you really want is > the ability to run an "instance" of the OS which allows for all the > user-visible configuration knobs to be changed and the appropriate > user-visible resource limits to be enforced independently. Essentially > a jail where it's literally impossible to tell that you're not the only > "OS" on the machine or to affect a user or resource running on another > instance. Btw. there is a commercial product out there that also seems to offer such a functionality, check http://www.sw-soft.com/en/products/virtuozzo/ Marko