Hi Daniel,
I might be completely wrong and I'm only asking for educational purposes as
I started to read netlink docs couple of hours ago but it looks like it's
possible to crete new netlink protocol/group and use it for IPC between
userspace applications, in fact it looks like that's what udev-monitor was
doing. Am I missing something? And please feel to ignore me if the answer
of this question is so obvious and can be found in the docs as I'm reading
them :)
Best,
On Fri, Apr 12, 2013 at 5:31 PM, Daniel Lezcano <daniel.lezc...@free.fr>wrote:
> On 04/12/2013 06:55 PM, S.Çağlar Onur wrote:
> > I'm not experienced with it so please forgive me if I'm talking
> > non-sense but what about switching back to using (or abusing depending
> > on your point of view) netlink via libnl?
>
> Because it is much more than abusing :) It is hacking the rtnetlink
> service, which means you filter out the messages not coming from lxc
> (could be netlink messages about route changes, etc ...) and the
> different tools relying on this netlink family must ignore lxc messages.
>
> I will refresh my memory and implement a prototype based on af_inet
> messages, that may take awhile because I am very busy for the moment.
>
> Regards
> -- Daniel
>
> > On Fri, Apr 12, 2013 at 10:02 AM, Serge Hallyn
> > <serge.hal...@ubuntu.com <mailto:serge.hal...@ubuntu.com>> wrote:
> >
> > Quoting Daniel Lezcano (daniel.lezc...@free.fr
> > <mailto:daniel.lezc...@free.fr>):
> > > Sorry for jumping so late in the thread but I disagree to use
> > DBUS with
> > > LXC because of the dependency with more packages, LXC has been
> > designed
> > > to be stand alone, nothing prevent to add more complexity and
> > > dependencies but on top of LXC not inside.
> > >
> > > To answer the previous email Serge sent me, I thought a bit
> > about the
> > > mechanism in order to prevent a publish/subscribe approach. The
> > first
> > > version used the af_netlink socket to use some kind of message
> > multicast
> > > on processes. But it hacked a family of the netlink which was
> > > conflicting with the ip_route tool. In order to prevent this
> > conflict I
> > > switched "temporarly" to the AF_UNIX socket while looking for a
> > socket
> > > type matching our needs. The AF_IPN (Inter Process Network)
> > could have
> > > been perfect but the patchset has been rejected.
> > >
> > > I think the solution to solve this issue is to use the AF_INET
> > protocol
> > > on the loopback using the loopback's broadcast address and
> > filter the
> > > messages with the container name. The code should be 'trivial'.
> > >
> > > One question remains with this approach : which communication
> > port number ?
> >
> > A consideration: right now the the monitors are per-lxcpath. So
> > if user joe is using lxcpath /home/joe/lxcbase, then his lxc-monitor
> > will only hear events for containers under /home/joe/lxcbase. If
> > we use loopback, then events for alllxcpaths on the host will be
> > combined.
> >
> > That may be preferred, or may not be. But in the coming world of
> > per-unprivileged-user containers, where user joe has container c2
> > in /home/joe/lxcbase/c2, do we want user joe to hear all events
> > relating to system containers (under /var/lib/lxc) or jane's
> > /home/jane/lxcbase containers?
> >
> > It's not so much a noise issue, as we can just make sure to add
> > the lxcpath to each message. It's more a security/privacy concern.
> >
> > -serge
> >
> >
> ------------------------------------------------------------------------------
> > Precog is a next-generation analytics platform capable of advanced
> > analytics on semi-structured data. The platform includes APIs for
> > building
> > apps and a phenomenal toolset for data science. Developers can use
> > our toolset for easy data analysis & visualization. Get a free
> > account!
> > http://www2.precog.com/precogplatform/slashdotnewsletter
> > _______________________________________________
> > Lxc-devel mailing list
> > Lxc-devel@lists.sourceforge.net
> > <mailto:Lxc-devel@lists.sourceforge.net>
> > https://lists.sourceforge.net/lists/listinfo/lxc-devel
> >
> >
> >
> >
> > --
> > S.Çağlar Onur <cag...@10ur.org <mailto:cag...@10ur.org>>
>
>
--
S.Çağlar Onur <cag...@10ur.org>
------------------------------------------------------------------------------
Precog is a next-generation analytics platform capable of advanced
analytics on semi-structured data. The platform includes APIs for building
apps and a phenomenal toolset for data science. Developers can use
our toolset for easy data analysis & visualization. Get a free account!
http://www2.precog.com/precogplatform/slashdotnewsletter
_______________________________________________
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
