From owner-freebsd-arch@FreeBSD.ORG Mon Oct 15 05:59:23 2007 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1D5D016A418 for ; Mon, 15 Oct 2007 05:59:23 +0000 (UTC) (envelope-from ndenev@gmail.com) Received: from rv-out-0910.google.com (rv-out-0910.google.com [209.85.198.189]) by mx1.freebsd.org (Postfix) with ESMTP id DDABF13C467 for ; Mon, 15 Oct 2007 05:59:22 +0000 (UTC) (envelope-from ndenev@gmail.com) Received: by rv-out-0910.google.com with SMTP id l15so1205467rvb for ; Sun, 14 Oct 2007 22:59:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; bh=mKxqZ4P2tN65eFJ3OpxywgHDpzbYalVH8vLiQLOf75E=; b=LnWv/4IKqJCGCG9zkzzj95DYwoTKAmSy/vpQBCWkYtgz0Tq19VagUVgjoMU/e0T2NvQ96FTGdpk9fC75xOnfZwiFWKLNyjsz/7bXyug4lm9p1L/Buu2mN6oEf4CC0vSFy0NvoIa0JIyk6ri68ZM+2EZ8yMt17oK9ztW0zH72fAI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:sender:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=RYfz2e0UE+5M5EjJVbHAHNvdFh2Vqtdn+xE2Lb6gNL7lvxr4U5xNTQ9Rx18o7tL7KlQEK3NHUbgNvnH3LMbvgTrb5F4UiHMkUwJcJgcldNV18Pe8M/vDey5i0pqWUVEmTcdtDu8wQXzUjidjgn/OydKBD48ixVtN/C8fDdDV1Zo= Received: by 10.141.211.13 with SMTP id n13mr2510868rvq.1192424256295; Sun, 14 Oct 2007 21:57:36 -0700 (PDT) Received: by 10.140.192.2 with HTTP; Sun, 14 Oct 2007 21:57:36 -0700 (PDT) Message-ID: <2e77fc10710142157k44d76c35m9397cb707c1fc1f1@mail.gmail.com> Date: Mon, 15 Oct 2007 07:57:36 +0300 From: "Niki Denev" Sender: ndenev@gmail.com To: freebsd-arch@freebsd.org In-Reply-To: <4712845A.3090508@elischer.org> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <470E5BFB.4050903@elischer.org> <47109F59.30602@quip.cz> <20071014121635.5adc1f19@deskjail> <47121A04.9010407@quip.cz> <4712845A.3090508@elischer.org> X-Google-Sender-Auth: a378bec253d74846 Subject: Re: kernel level virtualisation requirements. X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Oct 2007 05:59:23 -0000 On 10/15/07, Julian Elischer wrote: > Miroslav Lachman wrote: > > Alexander Leidinger wrote: > > > >> Quoting Miroslav Lachman <000.fbsd@quip.cz> (Sat, 13 Oct 2007 12:35:05 > >> +0200): > > > > [...] > >>> It would be nice to have something from vserver, something from > >>> zones, from xen, from jails etc. > >>> From my point of view: > >>> > >>> CPU limits - specified as relative part of shares (container can get > >>> more CPU power if CPU is not 100% loaded) or set to absolute > >>> (container can't get more than specified CPU power, so one can use it > >>> to test applications on slow CPUs etc.) > >>> > >>> Memory limits - same as CPU > >>> > >>> Disk - it would be nice if I can set how many disk space each > >>> container can use. (with similar interface as disk quotas - soft+hard > >>> limits and space+inodes). Maybe setting of disk I/O in similar style > >>> as CPU and memory limits above. > >> > >> > >> You can have something like this already with zfs. Just for > >> information, it doesn't mean we don't need to talk about this point. > > > > I did not have enough time to play with FreeBSD 7 and ZFS. It is good to > > know we have it yet. :) > > > >>> UIDs - independent UIDs in containers. In relation to UIDs, one can > >>> use disk quotas inside containers. > >> > >> > >> Can you please clarify what you mean here? Are you talking about the > >> current quota support and how it handles UIDs on the host? If your disk > >> proposal above is implemented, I can imagine that the current quota > >> stuff is independent from this and wouldn't need a decoupling from UIDs > >> in a jail from the UIDs on the host. > > > > Yes I was talking about current quota support na UIDs on host. If I have > > UID 1001 on host and UID 1001 in two jails on same mountpoint, current > > quotas can not be used. Or am I wrong? > > > >>> Network bandwidth - same as CPU and memory > >> > >> > >> We have this already with dummynet and/or pf, don't we? > > > > OK, you are right, one can do this with dummynet or pf in simple jail > > config, but with hierarchical structer, multiple IPs etc. Will it be > > still usable? Maybe just implement some layer/utility to wrap around > > container (jail) settings and generate proper dummynet / pf rules will > > be enough. > > in vimage each virtual instance has its own firewalls. > > > > > Miroslav Lachman > > _______________________________________________ > > freebsd-arch@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-arch > > To unsubscribe, send any mail to "freebsd-arch-unsubscribe@freebsd.org" > > _______________________________________________ > freebsd-arch@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-arch > To unsubscribe, send any mail to "freebsd-arch-unsubscribe@freebsd.org" > > What about disk io? right now a single jail can bring the whole system to it's knees because of excessife disk io, which seems to be the bottleneck and the "precious" resource on many systems these days. Just a 0.2cents idea :)