2006-01-17 14:50:58

by Serge E. Hallyn

Subject: RFC [patch 26/34] PID Virtualization Documentation

First (incomplete) attempt of documentation
Signed-off-by: Hubertus Franke <[email protected]>
---
containers.txt | 64 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 64 insertions(+)

Index: linux-2.6.15/Documentation/containers.txt
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
+++ linux-2.6.15/Documentation/containers.txt 2006-01-17 08:37:07.000000000 -0500
@@ -0,0 +1,64 @@
+This document describes the basics of the container
+
+Hubertus Franke <[email protected]>
+Serge E Hallyn <[email protected]>
+Cedric Legoater <[email protected]>
+
+Applications and associated processes can be containerized into
+"isolated" soft partitions. The goal is to make containers
+transparently migratable. To do so certain resources identifiers
+need to be virtualized.
+These includes
+ - pids, gids,
+ - SysV ids
+ - procfs
+Only resource belonging to a container can be accessed within
+the container.
+
+A "container" is created through a helper program <contexe>,
+that is supplied separately.
+A process moves itself to a container by writing
+the name of the container to create to /proc/container.
+Doing so makes the calling process the pseudo init process
+of the container.
+
+
+For example "contexe -j2 /bin/bash" spawns a bash within
+a new container <cont_2> and make the contexe process
+the containers virtual initproc.
+
+
+PID-VIRTUALIZATION:
+-------------------
+
+Let Process <A> be the currently running process ( e.g. bash with pid 913 )
+Each container has an associated pidspace id associated. Each pidspace
+id is managed like the standard pid range in linux.
+
+We obtain the following tree, where <pidspace | vpid > denotes the
+internal pid which is obtained by bitmasking.
+
+A some older bash < 0 | 913 >
+ |
+ \/
+B == contexe == < 0 | 1087 > ( also container->init_proc := A
+ container->init_pid := 1087
+ |
+ \/
+C == /bin/bash == < 1 | 2 >
+
+
+let's define the results here we are expecting.
+
+C in context of B: vpid = 2
+B in context of C: vpid = 1
+
+B in context of A: vpid = pid = 1087
+C in context of A: vpid = pid = < 1 | 2 >
+
+A in context of B: vpid = pid = 913
+A in context of C: vpid = -1
+
+< More to Follow >
+
+
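Review bot: In the PID-VIRTUALIZATION tree, the annotation on B reads `container->init_proc := A`, but `container->init_pid := 1087` is B's pid and the earlier text says the contexe process becomes the container's virtual initproc, so this should presumably be `init_proc := B` (the parenthesis opened on that line is also never closed). The expected-results list gives `C in context of A: vpid = pid = < 1 | 2 >` without stating the numeric value A actually sees after bitmasking, and `A in context of C: vpid = -1` without saying what a process inside the container gets back from calls that refer to that pid; both are worth spelling out, since they define the isolation boundary. The /proc/container paragraph should also state who is permitted to write to the file, and the opening sentence ("describes the basics of the container") looks cut off.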

--