linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Jeff Dike <jdike@karaya.com>
To: Ryan Cumming <bodnar42@phalynx.dhs.org>
Cc: linux-kernel@vger.kernel.org
Subject: Re: Special Kernel Modification
Date: Sun, 04 Nov 2001 23:02:08 -0500	[thread overview]
Message-ID: <200111050402.XAA05891@ccure.karaya.com> (raw)
In-Reply-To: Your message of "Sun, 04 Nov 2001 18:14:12 PST." <E160ZHB-0001Ae-00@localhost>

bodnar42@phalynx.dhs.org said:
> So, to summarize, you could use a VM, and it'd work well for
> containment, but  it'd be pretty useless as far as performance, ease
> of administration, and  scaling go. 

Yeah, that's mostly wrong.

> Comments?

They follow...

> 1) There is a fairly significant overhead due to running inside a VM,
> which  would certainly pile up over multiple invocations. Besides the
> overhead of  the VM, you have the have the additional overhead caused
> by such things as  having multiple running kernels doing exactly the
> same thing, all running  seperate copies of the required system
> daemons.

This can be minimized.  What the original poster asked for is a one-application
jail.  So, you boot up a filesystem that runs only that app, perhaps even
as the init process.  No system daemons, nothing but the app and whatever it 
runs.

> Now, try 30 people all running from VMs. They all must have a seperate
> copy  of the otherwise sharable portions of StarOffice, and all of its
>  dependancies. Memory pressure quickly rises, and it will start
> swapping out  one copy of StarOffice in favour of an identical portion
> of another copy (!).  System quickly becomes unusable. 

Nope.  Duplicate block caching can be eliminated by making the root filesystem
a COW device (http://user-mode-linux.sourceforge.net/shared_fs.html) and 
mounting it sychronously.  COWing it will allow it to be shared among all VMs, 
with any changes being stored in the private COW file.  Mounting it synchronous
will disable caching in the VM.  So, for a number of virtual machines, there
will be, in total, slightly more than one copy of their data in the host's
memory.

Another possibility is hostfs.  You can directly mount a host directory
inside UML.  That can obviously be shared between UMLs, so you again 
eliminate all the duplication.

> 2) Upgrading/changing the system configuration would require modifying
> -all-  of the VMs. This could be partially alleviated by using an NFS
> root, but then  the overhead mentioned above becomes even more looming

This is a problem for a COWed block device, but it's trivial for a shared
hostfs directory.  Just dump the new bits in.

				Jeff


  reply	other threads:[~2001-11-05  2:44 UTC|newest]

Thread overview: 23+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2001-11-05  0:01 Special Kernel Modification Lonnie Cumberland
2001-11-05  0:19 ` Ryan Cumming
2001-11-05  0:29   ` lonnie
2001-11-05  1:04     ` Jan-Benedict Glaw
2001-11-05  3:04     ` Mike Fedyk
2001-11-06  0:34     ` Jorgen Cederlof
2001-11-06  0:38       ` lonnie
2001-11-05  0:22 ` Alan Cox
2001-11-05  0:39   ` Phil Sorber
2001-11-05  0:38 ` Rik van Riel
2001-11-05  1:04 ` Jeremy Jackson
2001-11-05  1:58 ` Jeff Dike
2001-11-05  2:14   ` Ryan Cumming
2001-11-05  4:02     ` Jeff Dike [this message]
2001-11-05  3:13       ` Ryan Cumming
2001-11-05  5:52         ` Jeff Dike
2001-11-05  5:30           ` Ryan Cumming
2001-11-05 14:22             ` Jeff Dike
2001-11-05 16:53           ` Andrea Arcangeli
2001-11-05 20:18             ` Jeff Dike
2001-11-05 19:05               ` Andrea Arcangeli
2001-11-05  0:37 John Weber
     [not found] <E160aCK-0001Fs-00@localhost.suse.lists.linux.kernel>
     [not found] ` <200111050552.AAA06451@ccure.karaya.com.suse.lists.linux.kernel>
2001-11-05  6:22   ` Andi Kleen

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=200111050402.XAA05891@ccure.karaya.com \
    --to=jdike@karaya.com \
    --cc=bodnar42@phalynx.dhs.org \
    --cc=linux-kernel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).