Resource Containers Project

I have periodically checked the wiki for about 2 years on this project. Would probably be good to update that source as this thread is the only recent activity I've seen. :)
 
Seems like some (all?) parts of this work is currently being merged into FreeBSD-CURRENT.
 
Eagerly looking forward to this project to be completed which will bring jails at par with the Solaris containers. Just tried to patch to the 8.2, but didn't work in my case.

This feature with VIMAGE+epair would boost the FreeBSD use by leaps and bounds, I presume.
 
What I'm still missing is something to hide the complete output from "dmesg" inside a jail.
So is there a patch or something to configure available?
The Patch for 8.2 will be nice. Tell me please if it will be available for testing. Currently I decide me between FreeBSD Jails with Vnet and Linux Containers with Veth.
 
trasz@ said:
@minimike: Why do you need to hide the dmesg output?
Click to expand...
If you are selling Linux Containers or FreeBSD jails costumers could see it. Exemplary on Linux Containers by default Shorewall a IPtables framework sends some messages so that costumers in there containers could see it in dmesg like some IPtables settings or other secret messages from the Host and from other Containers. The same with other stuff on FreeBSD Jails. Exemplary customers could calculate how many jails are running on the Host. This should be on an mass hosting environment a holy trade secret. For me as an ISP Startup who would like sell FreeBSD Jails for rent is that a real big problem.
 
@minimike: Ok, makes sense. Looks like you can do that already, using [cmd=]sysctl security.bsd.unprivileged_read_msgbuf=0[/cmd]
 
trasz@ said:
@minimike: Ok, makes sense. Looks like you can do that already, using [cmd=]sysctl security.bsd.unprivileged_read_msgbuf=0[/cmd]
Click to expand...

trasz@ thanks for this tip! But thats to strict :/ On my wishlist is something like a demsg output like under Solaris-Zones or Linux-Vservers. If you type dmesg there, they will shown only the output from the stuff whats happened inside the container. It will be needed on every commercial mass hosting environment. Without your work still will be great! But not enough :(
 
Oh, I've forgotten it. So now, trasz@, which FreeBSD list do I have to visit/use to get more status information?
 
Eagerly waiting for updates!

trasz@ said:
I'll prepare a new diff against 8.2 in a few days, after I finish merging.
Click to expand...

@trasz: Any updates about the diff against 8.2? Any pointer or links?

I waited for the release of 9.0 which is supposedly included RCP but the release seems behind schedule (from what I read here http://wiki.freebsd.org/Releng/9.0TODO?highlight=((FreeBSD9))#Release_Schedule)

And what is the status of %CPU allocation? (Sad to read here just a while ago that it won't be ready till 9.0 release :-( )

*** If any of my posts helped you, please contribute to either http://www.freebsdfoundation.org/donate/ or http://www.thehumanape.org/. Appreciate it! Thanks for your understanding! ***
 
The whole thing turned out to be more complicated than I originally thought, and I never backported it to 8. I'd suggest to try out latest BETA, since it'll pretty close to the final 9.0.
 
trasz@: thanks I shall try accordingly.

BTW, in 9-CURRENT, where do I need to specify the resourse and what parameters are supported besides that in 8? Any manual? The one here points to the old literatures.

Any pointer will be appreciated. Thanks!
 
@zennybsd: "man rctl" would be a good start. Note that you need to rebuild your kernel with "options RACCT" and "options RCTL".
 
trasz@: I will define the options you stated when I run nanobsd.sh script. Thanks for reminder.

In the meantime, I found this new link which is updated.

Thanks for the hard work ;-)
 
You must log in or register to reply here.
Back
Top