Date: Tue, 27 Jan 2015 08:17:05 -0600 From: Mark Felder <feld@FreeBSD.org> To: freebsd-jail@freebsd.org Subject: Re: preferred jail management tool Message-ID: <1422368225.3958980.219494573.4EAD939C@webmail.messagingengine.com> In-Reply-To: <54C7958B.40007@gmail.com> References: <CACfj5vKjiQHsy9VbOKFFcrBpyr3dmbkOOxTxCYhSyZrnrjRiaQ@mail.gmail.com> <CAHieY7TyxzC0aK-ErY2EbCmTJPykk_9G7Gd=CrZ9yxQ-77PynA@mail.gmail.com> <20150127012347.GA4940@lonesome.com> <20150127141239.V77290@sola.nimnet.asn.au> <54C7958B.40007@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jan 27, 2015, at 07:41, Ernie Luzar wrote: > > On the subject of vimage/vnet, vimage has many outstanding PRs and has > received absolutely no maintenance since it was first published. This statement is ridiculous. r276747 | rodrigc | 2015-01-06 03:03:03 -0600 (Tue, 06 Jan 2015) | 7 lines Instead of creating a purge thread for every vnet, create a single purge thread and clean up all vnets from this thread. r276746 | rodrigc | 2015-01-06 02:39:06 -0600 (Tue, 06 Jan 2015) | 14 lines Merge: r258322 from projects/pf branch Split functions that initialize various pf parts into their vimage parts and global parts. Since global parts appeared to be only mutex initializations, just abandon them and use MTX_SYSINIT() instead. Kill my incorrect VNET_FOREACH() iterator and instead use correct approach with VNET_SYSINIT(). r275599 | rodrigc | 2014-12-08 01:25:59 -0600 (Mon, 08 Dec 2014) | 11 lines Use CURVNET macros inside inet_get_local_port_range() function. Without this fix, a kernel with VIMAGE + Infiniband will panic on bootup. Certain necessary #include statements require LIST_HEAD. Add these includes to ofed/include/linux/list.h, because LIST_HEAD is specifically overridden in this file. r275555 | rodrigc | 2014-12-05 20:59:59 -0600 (Fri, 05 Dec 2014) | 8 lines MFp4: @181627 Allow UMA allocated memory to be freed when VNET jails are torn down. r274803 | rodrigc | 2014-11-21 11:57:37 -0600 (Fri, 21 Nov 2014) | 4 lines Create a vimage.9 link to vnet.9 r274745 | rodrigc | 2014-11-20 03:56:34 -0600 (Thu, 20 Nov 2014) | 8 lines MFp4: @179066 Add page which describes VNET network stack virtualization infrastructure. r274744 | rodrigc | 2014-11-20 02:11:54 -0600 (Thu, 20 Nov 2014) | 15 lines Set the current vnet inside the ioctl handler for ipfilter. Without this fix, the vnet was NULL and would crash. This fix is similar to what was done inside the ioctl handler for PF. Tested by: (1) Boot a kernel with "options VIMAGE" enabled (2) Type: echo "map lo0 from 10.0.0.0/24 to ! 10.0.0.0/24 -> 127.0.0.1/32" > /etc/ipnat.rules ; service ipnat onerestart r272889 | hrs | 2014-10-10 01:45:13 -0500 (Fri, 10 Oct 2014) | 5 lines Virtualize if_epair(4). An if_xname check for both "a" and "b" interfaces is added to return EEXIST when only "b" interface exists---this can happen when epair<N>b is moved to a vnet jail and then "ifconfig epair<N> create" is invoked there. r272386 | hrs | 2014-10-01 16:37:32 -0500 (Wed, 01 Oct 2014) | 10 lines Virtualize lagg(4) cloner. This change fixes a panic when tearing down if_lagg(4) interfaces which were cloned in a vnet jail. Sysctl nodes which are dynamically generated for each cloned interface (net.link.lagg.N.*) have been removed, and use_flowid and flowid_shift ifconfig(8) parameters have been added instead. Flags and per-interface statistics counters are displayed in "ifconfig -v". I could go on, but I'm sure you can search the svn logs yourself. > Vimage has to be compiled into the kernel and its kernel compile option > has comment that it is highly experimental. No it doesn't. # Network stack virtualization. #options VIMAGE #options VNET_DEBUG # debug for VIMAGE See for yourself: https://svnweb.freebsd.org/base/head/sys/conf/NOTES?view=markup
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1422368225.3958980.219494573.4EAD939C>