Re: [vserver] vserver 0.11 and kernel ctx-8 released

About this list Date view Thread view Subject view Author view Attachment view

From: Andy Kwong (iserlohn_at_aicompro.com)
Date: Tue Feb 26 2002 - 15:52:41 EST


How about including the excellent vps2 utility in the next release of
the utilities. It's great having the ctx number next to the pid in the
list.

On Tue, 2002-02-26 at 11:39, Jacques Gelinas wrote:
> Here is the change log
>
> vserver 0.11
> Change log
>
>
> 1. Enhancements
>
>
> 1.1. /usr/sbin/vkill: new<
>
> This is a simple script. You do
>
>
>
> /usr/sbin/vkill PID
>
>
>
>
> and it will locate the vserver owning that process, enter its security
> context and issue the kill.
>
>
> 1.2. /usr/sbin/vserver
>
> Various enhancements:
>
>
> + /var/run
>
> Only files are erased from /var/run at vserver build and start-up
> time. Sub-directories are left. Also, /var/run/utmp is created
> empty at start-up time.
>
>
> + /var/log/wtmp
>
> It is created empty at vserver build time. It is ignored after
> that.
>
>
> + 5 seconds sleep after stopping a vserver, before killing the
> remaining processes. 5 instead of 2.
>
>
> + S_CAPS not processed when entering a vserver
>
> When entering a running vserver, the S_CAPS setting was not enabled
> for the shell. So if you had given the vserver some capabilities,
> they were not available when using "enter".
>
>
>
> 1.3. Dynamic system call number
>
> The 2 system calls used by the vserver project are not yet reserved in
> the kernel. To help people using the vserver patch with other patches,
> having conflicting system call number, the ctx-8 publish in
> /proc/self/status the system call numbers. The various utilities
> (chbind, reducecap and chcontext) are using this information on the
> fly. So you can move the system call around and the utilities keep
> working without recompile.
>
>
>
>
>
> 1.4. kernel ctx-8
>
> Here is a small change log:
>
>
> + Dynamic system calls numbering
>
>
> + Per user/per context resources.
>
> The ulimit resources for a user used to be shared across vserver.
> This was plain wrong since user ID N in a vserver is unrelated to
> user ID N in another vserver.
>
> Contributed by Patrick Schaaf <bof_at_bof.de>
>
>
> + Using 127.0.0.1 in a vserver.
>
> Note, this is unrelated to the multi-IP-per-vserver concept. A
> vserver normally use a single IP to listen and talk. In general,
> this is not a problem. But it breaks a little semantic. Most
> services out there simply do a bind on IP 0.0.0.0. This way, they
> expect to grab any incoming traffic. They also expect that talking
> to 127.0.0.1 is a good way (configuration less) to talk to
> themselves. Some services are using localhost (which is redirect to
> the ipv4root of the vserver) and some are using 127.0.0.1 directly.
>
> The ctx-8 kernel now maps 127.0.0.1 to the ipv4root of the vserver
> on the fly. This solves some issues with samba and should also (not
> tested) solve the issue with PostgreSQL.
>
>
> + Per vserver network activity.
>
> The output of netstat is now filtered by vserver. This includes
> /proc/net/tcp. This is not done per ipv4root but using the security
> context. This was contributed (oops sorry, lost the contributor
> name).
>
>
>
> 1.5. Man pages for most utilities
>
> Thanks to klavs klavsen <kl_at_vsen.dk>, we have now a man page for all
> utilities. Now, we need a man page for the 2 system calls.
>
> ---------------------------------------------------------
> Jacques Gelinas <jack_at_solucorp.qc.ca>
> vserver: run general purpose virtual servers on one box, full speed!
> http://www.solucorp.qc.ca/miscprj/s_context.hc


About this list Date view Thread view Subject view Author view Attachment view

This archive was generated by hypermail 2.1.4 : Mon Aug 19 2002 - 12:01:01 EDT