Ubuntu Server containers (e.g. LXC, OpenVZ)
While regular virtualization (kvm/virtualbox
In most cases, it's not necessary and having some kind of "chroot" with quota on main resources (CPU, memory, network, disk) would be enough.
That's what contextualization technologies let you do, the most known of which is probably OpenVZ (virtuoso) but Vserver and LXC also exist.
LXC is the mainline implementation of contextualization and is built-in the kernel since 2.6.28 and well working as of 2.6.31.
It would be interesting that the next LTS (10.04) supports both virtualization and contextualization and so will cover everybody's needs.
Blueprint information
- Status:
- Complete
- Approver:
- Jos Boumans
- Priority:
- Low
- Drafter:
- Soren Hansen
- Direction:
- Approved
- Assignee:
- Stéphane Graber
- Definition:
- Approved
- Series goal:
- Accepted for lucid
- Implementation:
- Implemented
- Milestone target:
- lucid-alpha-3
- Started by
- Jos Boumans
- Completed by
- Stéphane Graber
Related branches
Whiteboard
ttx review (20091130) -- Looks good to me.
mdz review 2009-11-30: Includes a user story about an upgrade path, but it does not specify an action/result and design does not address this. Please add bug titles to the work item list, rather than just opaque bug numbers. Design section includes an unanswered question. Made some edits for clarity.
jib review 2009-12-18: I would like to discuss this spec at our next meeting on January 6th to make sure we are all alligned.
Status:
on track
Work items for lucid-alpha-3:
Bug: #480739: DONE
[soren] Extend VMBuilder to be able to bootstrap a container: DONE
[soren] libvirt needs to build against libcapng: DONE
need to sync libcapng from Debian: DONE
[jdstrand] Bug #480478: DONE
[stgraber] Review state of libvirt 0.7.2 + LXC (lxc is OK, 0.7.5 will need to build against libcapng): DONE
[stgraber] Try to boot a Lucid container on Lucid (failed, will need some init script to fix that): DONE
[stgraber] Get the latest LXC userspace tools in the archive: DONE
[stgraber] Do a MIR for the LXC userspace: DONE
Nice to have items:
* enhance libvirt apparmor for lxc coverage. This requires adding sVirt security driver hooks to the LXC support in libvirt. Currently, libvirt only has security driver hooks for qemu, so this will require significant effort and coordination with upstream.