hello, the plan as decided in Portland was to go forward with openvz if upstream provides us with a patch in time. as currently this looks quite bad (latest available patch is for 2.6.27, there is no sign of a patch for 2.6.32, nor any schedule like it happened to be for Lenny).
I thus propose to enable an lxc (linux containers) [1] flavour: * Containers are sets of processes with private namespaces, which can look like separate boxes * lxc is merged in linux-2.6 and continuously improved (the maintenance of it should be thus much lower then it was for openvz) * lxc is fast and bench mark tested [2] * the lxc userland is in sid and available for many archs * libvirt support * the 2.6.32 feature/fixes patch is tiny [3] * RESOURCE_COUNTERS and CGROUP_MEM_RES_CTLR enabled (has overhead that is not acceptable, for general purpose images) On the negative side it doesn't have yet checkpointing support and not all net/ has netns support yet. I'll wait until 1st of February and until contrary notice would add an lxc flavour to 2.6.32. kind regards maks [1] http://www.ibm.com/developerworks/linux/library/l-lxc-containers/ http://lwn.net/Articles/219794/ [2] http://lwn.net/Articles/179345/ [3] http://lxc.sourceforge.net/patches/2.6.32/2.6.32-rc6/share-af-unix-socket-sysctl.patch https://lists.linux-foundation.org/pipermail/containers/2010-January/022529.html https://lists.linux-foundation.org/pipermail/containers/2010-January/022600.html
signature.asc
Description: Digital signature
