From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Tue 10 Jun 2003 - 03:13:27 BST
recently I proposed that the VServer concept should
be (slightly) modified, in such way, that every
virtual server consists of some independent virtual
space (like a physical server), where the processes
"hmm, and what do the current implementations do?", you
might ask, and you are right (to ask), because the
difference is not obvious ...
if you are not interested in the differences, or
already know about them, skip the next paragraphs ...
(or straight down to the get-on-with-it-marker ...)
the current implementations add a reference to the
virtual context to each task, and modify many
existing kernel functions to permit or forbid
depending on the context information ...
the init task in a virtual server is faked by re-
writing the id on the fly, entries in the proc
filesystem are masked, etc ...
this (first) approach tries to simplify the virtual
concept by creating something called 'virtual'
which is a structure, which aims to virtualize the
different aspects of a physical server. It is far
from complete, actually it only addresses the task

how it works:
- an initial virtual structure is created
- all processes spawned from the kernel process
  are members of this initial virtual
- a new virtual can be created via some syscall
  (or with the 'virt' utility [virt -c])
- the new virtual can be populated with some
  virtual init task (which could be /sbin/init)
  and subsequent child processes
- after the virtual init (and its children)
  have died, the virtual is automatically freed

additional concepts/features (virt utility):
- allows to pivot_root (experimental)
- allows arbitrary init execution

although this is some core development stuff, I
would really appreciate to get as much feedback
as possible, so let me know what you think about
it, what I did wrong, what could be improved, ...
(developers, users, whatever ...)
--- [get-on-with-it-marker] 8-)
you can grab all at ...
ad Jacques: please, at least, take a look ...
ad Alexey: sorry, didn't check your port yet :(
some examples ...
# ls /proc/virtual
[to create a new virtual(1), do ... ]
# virt -c
# ls /proc/virtual
[to get a task feeling, do ... ]
# cat /proc/virtual/0_info
[to see (or not) the missing processes, do ... ]
# ls /proc/
# virt -cm -E ls ls /proc
[to create, migrate, and pivot root init, do ... ]
# mount --bind / /xxx
[or copy a root hierarchy to /xxx and do ... ]
# mount --bind /xxx /xxx
# mkdir -p /xxx/_old
# virt -cm -P /xxx -F /sbin/init init &
# cat /proc/virtual/1_info
repeat the last line to see how init tries to
spawn new login sessions on terminals ...
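
Added example, not part of the original message or of the patch it announces: a user-space C model of the lifecycle listed under "how it works" (initial virtual, inheritance on fork, creation, migration of an init task, automatic release once the last member dies). The struct and function names, the member counter and the strict same-virtual visibility rule are assumptions made for illustration.

```c
/* User-space model only: names, refcounting and visibility rule are assumptions. */
#include <stdio.h>
#include <stdlib.h>

struct virt { int id; int members; };                /* one per virtual */
struct task { int pid; int alive; struct virt *v; }; /* task points at its virtual */
static int next_id, freed;                           /* freed: virtuals released so far */

struct virt *virt_create(void) {                     /* models what `virt -c` requests */
    struct virt *v = calloc(1, sizeof *v);
    if (!v) abort();
    v->id = next_id++;
    return v;
}
static void virt_put(struct virt *v) {               /* last member gone: free the virtual */
    if (--v->members == 0) { free(v); freed++; }
}
void task_init(struct task *t, int pid, struct virt *v) {
    t->pid = pid; t->alive = 1; t->v = v; v->members++;
}
void task_fork(struct task *child, int pid, const struct task *parent) {
    task_init(child, pid, parent->v);                /* children inherit the parent's virtual */
}
void task_migrate(struct task *t, struct virt *to) { /* models the migrate step */
    struct virt *old = t->v;
    to->members++; t->v = to;                        /* take the new reference first */
    virt_put(old);
}
void task_exit(struct task *t) { t->alive = 0; virt_put(t->v); t->v = NULL; }
int visible(const struct task *viewer, const struct task *t) {
    return t->alive && viewer->v == t->v;            /* listed only inside the same virtual */
}
int virts_freed(void) { return freed; }

int main(void) {
    struct task kinit, vinit, getty;
    task_init(&kinit, 1, virt_create());             /* initial virtual */
    struct virt *v1 = virt_create();
    task_fork(&vinit, 2, &kinit); task_migrate(&vinit, v1);
    task_fork(&getty, 3, &vinit);                    /* child of the virtual init */
    printf("kinit sees getty: %d\n", visible(&kinit, &getty));
    task_exit(&getty); task_exit(&vinit);            /* init and children die */
    printf("virtuals freed: %d\n", virts_freed());
    return 0;
}
```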