From: "Serge E. Hallyn" <serge-A9i7LUbDfNHQT0dZR+AlfA@public.gmane.org>
To: Richard Weinberger
<richard.weinberger-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
Cc: "open list:ABI/API"
<linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
Linux Containers
<containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org>,
LKML <linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
"Eric W. Biederman"
<ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>,
LXC development mailing-list
<lxc-devel-cunTk1MwBs9qMoObBWhMNEqPaTDuhLve2LY78lusg7I@public.gmane.org>,
Tejun Heo <tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>,
cgroups mailinglist
<cgroups-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
Andrew Morton
<akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org>
Subject: Re: CGroup Namespaces (v4)
Date: Mon, 16 Nov 2015 14:46:06 -0600 [thread overview]
Message-ID: <20151116204606.GA30681__32103.8969829262$1447706791$gmane$org@mail.hallyn.com> (raw)
In-Reply-To: <CAFLxGvzVmbZHrpaTmXUAK03hsnVPwEs3SJGNFNXfthh3NL8EDg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
On Mon, Nov 16, 2015 at 09:41:15PM +0100, Richard Weinberger wrote:
> Serge,
>
> On Mon, Nov 16, 2015 at 8:51 PM, <serge-A9i7LUbDfNHQT0dZR+AlfA@public.gmane.org> wrote:
> > To summarize the semantics:
> >
> > 1. CLONE_NEWCGROUP re-uses 0x02000000, which was previously CLONE_STOPPED
> >
> > 2. unsharing a cgroup namespace makes all your current cgroups your new
> > cgroup root.
> >
> > 3. /proc/pid/cgroup always shows cgroup paths relative to the reader's
> > cgroup namespce root. A task outside of your cgroup looks like
> >
> > 8:memory:/../../..
> >
> > 4. when a task mounts a cgroupfs, the cgroup which shows up as root depends
> > on the mounting task's cgroup namespace.
> >
> > 5. setns to a cgroup namespace switches your cgroup namespace but not
> > your cgroups.
> >
> > With this, using github.com/hallyn/lxc #2015-11-09/cgns (and
> > github.com/hallyn/lxcfs #2015-11-10/cgns) we can start a container in a full
> > proper cgroup namespace, avoiding either cgmanager or lxcfs cgroup bind mounts.
> >
> > This is completely backward compatible and will be completely invisible
> > to any existing cgroup users (except for those running inside a cgroup
> > namespace and looking at /proc/pid/cgroup of tasks outside their
> > namespace.)
> > cgroupns-root.
>
> IIRC one downside of this series was that only the new "sane" cgroup
> layout was supported
> and hence it was useless for everything which expected the default layout.
> Hence, still no systemd for us. :)
>
> Is this now different?
Yes, all hierachies are no supported.
prev parent reply other threads:[~2015-11-16 20:46 UTC|newest]
Thread overview: 146+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-11-16 19:51 CGroup Namespaces (v4) serge-A9i7LUbDfNHQT0dZR+AlfA
2015-11-16 19:51 ` serge
2015-11-16 19:51 ` [PATCH 2/8] sched: new clone flag CLONE_NEWCGROUP for cgroup namespace serge
2015-11-16 19:51 ` serge-A9i7LUbDfNHQT0dZR+AlfA
[not found] ` <1447703505-29672-1-git-send-email-serge-A9i7LUbDfNHQT0dZR+AlfA@public.gmane.org>
2015-11-16 19:51 ` [PATCH 1/8] kernfs: Add API to generate relative kernfs path serge-A9i7LUbDfNHQT0dZR+AlfA
2015-11-16 19:51 ` serge
[not found] ` <1447703505-29672-2-git-send-email-serge-A9i7LUbDfNHQT0dZR+AlfA@public.gmane.org>
2015-11-24 16:16 ` Tejun Heo
2015-11-24 16:16 ` Tejun Heo
2015-11-24 16:16 ` Tejun Heo
2015-11-24 16:17 ` Tejun Heo
2015-11-24 16:17 ` Tejun Heo
2015-11-24 17:43 ` Serge E. Hallyn
2015-11-24 17:43 ` Serge E. Hallyn
[not found] ` <20151124161709.GM17033-qYNAdHglDFBN0TnZuCh8vA@public.gmane.org>
2015-11-24 17:43 ` Serge E. Hallyn
[not found] ` <20151124161630.GL17033-qYNAdHglDFBN0TnZuCh8vA@public.gmane.org>
2015-11-24 16:17 ` Tejun Heo
2015-11-27 5:25 ` Serge E. Hallyn
2015-11-27 5:25 ` Serge E. Hallyn
2015-11-27 5:25 ` Serge E. Hallyn
[not found] ` <20151127052511.GA25490-7LNsyQBKDXoIagZqoN9o3w@public.gmane.org>
2015-11-30 15:11 ` Tejun Heo
2015-11-30 15:11 ` Tejun Heo
2015-11-30 15:11 ` Tejun Heo
2015-11-30 18:37 ` Serge E. Hallyn
2015-11-30 18:37 ` Serge E. Hallyn
2015-11-30 22:53 ` Tejun Heo
[not found] ` <20151130225318.GD9039-qYNAdHglDFBN0TnZuCh8vA@public.gmane.org>
2015-12-01 2:08 ` Serge E. Hallyn
2015-12-01 2:08 ` Serge E. Hallyn
2015-12-01 2:08 ` Serge E. Hallyn
[not found] ` <20151130183758.GA25433-7LNsyQBKDXoIagZqoN9o3w@public.gmane.org>
2015-11-30 22:53 ` Tejun Heo
[not found] ` <20151130151147.GG3535-qYNAdHglDFBN0TnZuCh8vA@public.gmane.org>
2015-11-30 18:37 ` Serge E. Hallyn
2015-11-16 19:51 ` [PATCH 2/8] sched: new clone flag CLONE_NEWCGROUP for cgroup namespace serge-A9i7LUbDfNHQT0dZR+AlfA
2015-11-16 19:51 ` [PATCH 3/8] cgroup: add function to get task's cgroup serge-A9i7LUbDfNHQT0dZR+AlfA
2015-11-16 19:51 ` serge
[not found] ` <1447703505-29672-4-git-send-email-serge-A9i7LUbDfNHQT0dZR+AlfA@public.gmane.org>
2015-11-24 16:27 ` Tejun Heo
2015-11-24 16:27 ` Tejun Heo
[not found] ` <20151124162728.GN17033-qYNAdHglDFBN0TnZuCh8vA@public.gmane.org>
2015-11-24 16:54 ` Tejun Heo
2015-11-24 16:54 ` Tejun Heo
2015-11-24 16:54 ` Tejun Heo
2015-11-16 19:51 ` [PATCH 4/8] cgroup: export cgroup_get() and cgroup_put() serge-A9i7LUbDfNHQT0dZR+AlfA
2015-11-16 19:51 ` [PATCH 5/8] cgroup: introduce cgroup namespaces serge-A9i7LUbDfNHQT0dZR+AlfA
2015-11-16 19:51 ` serge
2015-11-24 16:49 ` Tejun Heo
2015-11-24 16:49 ` Tejun Heo
[not found] ` <1447703505-29672-6-git-send-email-serge-A9i7LUbDfNHQT0dZR+AlfA@public.gmane.org>
2015-11-24 16:49 ` Tejun Heo
2015-11-16 19:51 ` [PATCH 6/8] cgroup: cgroup namespace setns support serge-A9i7LUbDfNHQT0dZR+AlfA
2015-11-16 19:51 ` serge
[not found] ` <1447703505-29672-7-git-send-email-serge-A9i7LUbDfNHQT0dZR+AlfA@public.gmane.org>
2015-11-24 16:52 ` Tejun Heo
2015-11-24 16:52 ` Tejun Heo
2015-11-24 16:52 ` Tejun Heo
2015-11-16 19:51 ` [PATCH 7/8] cgroup: mount cgroupns-root when inside non-init cgroupns serge-A9i7LUbDfNHQT0dZR+AlfA
2015-11-16 19:51 ` serge
[not found] ` <1447703505-29672-8-git-send-email-serge-A9i7LUbDfNHQT0dZR+AlfA@public.gmane.org>
2015-11-24 17:16 ` Tejun Heo
2015-11-24 17:16 ` Tejun Heo
2015-11-24 17:16 ` Tejun Heo
2015-11-25 6:01 ` Serge E. Hallyn
[not found] ` <20151125060156.GA678-7LNsyQBKDXoIagZqoN9o3w@public.gmane.org>
2015-11-25 19:10 ` Tejun Heo
2015-11-25 19:10 ` Tejun Heo
2015-11-25 19:10 ` Tejun Heo
[not found] ` <20151125191041.GB14240-piEFEHQLUPpN0TnZuCh8vA@public.gmane.org>
2015-11-25 19:55 ` Serge Hallyn
2015-11-25 19:55 ` Serge Hallyn
2015-11-25 19:55 ` Serge Hallyn
2015-11-25 19:57 ` Tejun Heo
2015-11-25 19:57 ` Tejun Heo
2015-11-25 19:57 ` Tejun Heo
[not found] ` <20151124171610.GS17033-qYNAdHglDFBN0TnZuCh8vA@public.gmane.org>
2015-11-25 6:01 ` Serge E. Hallyn
2015-11-27 5:17 ` Serge E. Hallyn
2015-11-27 5:17 ` Serge E. Hallyn
2015-11-27 5:17 ` Serge E. Hallyn
[not found] ` <20151127051745.GA24521-7LNsyQBKDXoIagZqoN9o3w@public.gmane.org>
2015-11-30 15:09 ` Tejun Heo
2015-11-30 15:09 ` Tejun Heo
2015-11-30 15:09 ` Tejun Heo
[not found] ` <20151130150938.GF3535-qYNAdHglDFBN0TnZuCh8vA@public.gmane.org>
2015-12-01 4:07 ` Serge E. Hallyn
2015-12-01 4:07 ` Serge E. Hallyn
2015-12-01 4:07 ` Serge E. Hallyn
[not found] ` <20151201040704.GA31067-7LNsyQBKDXoIagZqoN9o3w@public.gmane.org>
2015-12-01 16:46 ` Tejun Heo
2015-12-01 16:46 ` Tejun Heo
2015-12-01 16:46 ` Tejun Heo
2015-12-01 21:58 ` Serge E. Hallyn
2015-12-01 21:58 ` Serge E. Hallyn
2015-12-02 16:53 ` Tejun Heo
2015-12-02 16:53 ` Tejun Heo
[not found] ` <20151202165312.GB19878-qYNAdHglDFBN0TnZuCh8vA@public.gmane.org>
2015-12-02 16:56 ` Serge E. Hallyn
2015-12-02 16:56 ` Serge E. Hallyn
2015-12-02 16:56 ` Serge E. Hallyn
2015-12-02 16:58 ` Tejun Heo
2015-12-02 16:58 ` Tejun Heo
[not found] ` <20151202165839.GD19878-qYNAdHglDFBN0TnZuCh8vA@public.gmane.org>
2015-12-02 17:02 ` Serge E. Hallyn
2015-12-02 17:02 ` Serge E. Hallyn
2015-12-02 17:02 ` Serge E. Hallyn
[not found] ` <20151202170239.GA21009-7LNsyQBKDXoIagZqoN9o3w@public.gmane.org>
2015-12-02 17:05 ` Tejun Heo
2015-12-02 17:05 ` Tejun Heo
2015-12-03 22:47 ` Serge E. Hallyn
2015-12-03 22:47 ` Serge E. Hallyn
2015-12-07 15:39 ` Tejun Heo
2015-12-07 15:39 ` Tejun Heo
[not found] ` <20151207153911.GF9175-qYNAdHglDFBN0TnZuCh8vA@public.gmane.org>
2015-12-07 15:53 ` Serge Hallyn
2015-12-07 15:53 ` Serge Hallyn
[not found] ` <20151203224706.GA19971-7LNsyQBKDXoIagZqoN9o3w@public.gmane.org>
2015-12-07 15:39 ` Tejun Heo
[not found] ` <20151202170551.GE19878-qYNAdHglDFBN0TnZuCh8vA@public.gmane.org>
2015-12-03 22:47 ` Serge E. Hallyn
[not found] ` <20151202165637.GA20840-7LNsyQBKDXoIagZqoN9o3w@public.gmane.org>
2015-12-02 16:58 ` Tejun Heo
[not found] ` <20151201215853.GA9153-7LNsyQBKDXoIagZqoN9o3w@public.gmane.org>
2015-12-02 16:53 ` Tejun Heo
[not found] ` <20151201164649.GD12922-qYNAdHglDFBN0TnZuCh8vA@public.gmane.org>
2015-12-01 21:58 ` Serge E. Hallyn
2015-11-16 19:51 ` [PATCH 8/8] cgroup: Add documentation for cgroup namespaces serge-A9i7LUbDfNHQT0dZR+AlfA
2015-11-16 19:51 ` serge
2015-11-24 17:16 ` Tejun Heo
2015-11-24 17:16 ` Tejun Heo
[not found] ` <1447703505-29672-9-git-send-email-serge-A9i7LUbDfNHQT0dZR+AlfA@public.gmane.org>
2015-11-24 17:16 ` Tejun Heo
2015-11-16 20:41 ` CGroup Namespaces (v4) Richard Weinberger
2015-11-16 19:51 ` [PATCH 4/8] cgroup: export cgroup_get() and cgroup_put() serge
2015-11-16 19:51 ` serge-A9i7LUbDfNHQT0dZR+AlfA
[not found] ` <1447703505-29672-5-git-send-email-serge-A9i7LUbDfNHQT0dZR+AlfA@public.gmane.org>
2015-11-24 16:30 ` Tejun Heo
2015-11-24 16:30 ` Tejun Heo
2015-11-24 22:35 ` Serge E. Hallyn
2015-11-24 22:35 ` Serge E. Hallyn
[not found] ` <20151124163056.GO17033-qYNAdHglDFBN0TnZuCh8vA@public.gmane.org>
2015-11-24 22:35 ` Serge E. Hallyn
2015-11-16 20:41 ` CGroup Namespaces (v4) Richard Weinberger
2015-11-16 20:41 ` Richard Weinberger
2015-11-16 20:46 ` Serge E. Hallyn
2015-11-16 20:46 ` Serge E. Hallyn
2015-11-16 20:50 ` Richard Weinberger
2015-11-16 20:50 ` Richard Weinberger
2015-11-16 20:54 ` Serge E. Hallyn
2015-11-16 20:54 ` Serge E. Hallyn
2015-11-16 22:24 ` Eric W. Biederman
2015-11-16 22:24 ` Eric W. Biederman
2015-11-16 22:37 ` Tejun Heo
2015-11-16 22:37 ` Tejun Heo
[not found] ` <87y4dxh9b8.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-11-16 22:37 ` Tejun Heo
2015-11-17 1:13 ` Serge E. Hallyn
2015-11-17 1:13 ` Serge E. Hallyn
2015-11-17 1:13 ` Serge E. Hallyn
2015-11-17 1:40 ` Serge E. Hallyn
2015-11-17 1:40 ` Serge E. Hallyn
2015-11-17 3:54 ` Serge E. Hallyn
2015-11-17 3:54 ` Serge E. Hallyn
[not found] ` <20151117014026.GA2331-7LNsyQBKDXoIagZqoN9o3w@public.gmane.org>
2015-11-17 3:54 ` Serge E. Hallyn
[not found] ` <20151117011349.GA1958-7LNsyQBKDXoIagZqoN9o3w@public.gmane.org>
2015-11-17 1:40 ` Serge E. Hallyn
2015-11-18 2:30 ` Serge E. Hallyn
2015-11-18 2:30 ` Serge E. Hallyn
[not found] ` <20151118023022.GA17501-7LNsyQBKDXoIagZqoN9o3w@public.gmane.org>
2015-11-18 9:18 ` Eric W. Biederman
2015-11-18 9:18 ` Eric W. Biederman
[not found] ` <87r3jnfyx7.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-11-18 15:43 ` Serge E. Hallyn
2015-11-18 15:43 ` Serge E. Hallyn
[not found] ` <20151116205452.GA30975-7LNsyQBKDXoIagZqoN9o3w@public.gmane.org>
2015-11-16 22:24 ` Eric W. Biederman
[not found] ` <564A41AF.4040208-/L3Ra7n9ekc@public.gmane.org>
2015-11-16 20:54 ` Serge E. Hallyn
[not found] ` <20151116204606.GA30681-7LNsyQBKDXoIagZqoN9o3w@public.gmane.org>
2015-11-16 20:50 ` Richard Weinberger
[not found] ` <CAFLxGvzVmbZHrpaTmXUAK03hsnVPwEs3SJGNFNXfthh3NL8EDg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-11-16 20:46 ` Serge E. Hallyn [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='20151116204606.GA30681__32103.8969829262$1447706791$gmane$org@mail.hallyn.com' \
--to=serge-a9i7lubdfnhqt0dzr+alfa@public.gmane.org \
--cc=akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org \
--cc=cgroups-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org \
--cc=ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org \
--cc=linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=lxc-devel-cunTk1MwBs9qMoObBWhMNEqPaTDuhLve2LY78lusg7I@public.gmane.org \
--cc=richard.weinberger-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org \
--cc=tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.