Ubuntu

LXC improvements

Registered by Serge Hallyn on 2011-04-20

Some basic lxc container improvements:
  ∘ quick container cloning with snapshotting for lvm, btrfs, and aufs/unionfs
    (based on ppa:serge-hallyn/lxc-natty work)
  ∘ sandbox template using current user namespace
    . limited use, but useful for locking child task such that it can only talk
      to us over pipes.
  ∘ per container syslog
    . Lack of this has prevented me from using containers for some bug
      investigations.
  ∘ proc virtualization
  ∘ container reboot and shutdown
  ∘ custom per-container firewall rules
  ∘ lsm integration
  ∘ templates for other distros (fedora, opensles, gentoo)

Read the full specification

Blueprint information

Status:: Complete

Approver:: Robbie Williamson

Priority:: High

Drafter:: Serge Hallyn

Direction:: Approved

Assignee:: Ubuntu Server

Definition:: Approved

Series goal:: Accepted for oneiric

Implementation:: Implemented

Milestone target:: ubuntu-11.10

Started by: Robbie Williamson on 2011-07-01

Completed by: Dave Walker on 2011-09-29

Related branches

Related bugs

Sprints

uds-o

Whiteboard

# NOTE: I s/ebiederman/serge-hallyn for "push lxc-attach kernel patches" as ebiederman wasn't a valid LP username, please update this if ebiederman has a LP account. Thanks.

Plenty of other distro templates could use work, but a fedora one has been added.

Status: In progress

Work Items:
validate LXC support on ARM: DONE
[serge-hallyn] libcgroup integration: DONE
[serge-hallyn] ubuntu template cleanup: DONE
improve lxc-ps, lxc-netstat: DONE
[serge-hallyn] quick container cloning with snapshotting using LVM: DONE
templates for other distros (fedora, opensles, gentoo): DONE
[bootstrap31] push kernel patches supporting shutdown/reboot: POSTPONED
[bootstrap31] exploit container shutdown/reboot kernel support in lxc: POSTPONED
[bootstrap31] push lxc-attach when kernel patches are upstream: POSTPONED
[serge-hallyn] push lxc-attach kernel patches: POSTPONED
[zulcss] List of missing bits pieces of libvirt for lxc (libvirt 0.9.1-1 merge is pending): POSTPONED

[serge-hallyn] quick container cloning with snapshotting using overlayfs: DONE
[bootstrap31] push core proc virtualization support upstream: POSTPONED
udev and device namespaces: POSTPONED
[zulcss] Badger someone into writing libvirt-lxc bridge: POSTPONED
per container syslog: POSTPONED
lsm integration: POSTPONED
event notification: POSTPONED
custom per-container firewall rules: POSTPONED

(?)

Work Items

Dependency tree

* Blueprints in grey have been implemented.

This blueprint contains Public information

Everyone can see this information.

Subscribers

Ahmed Kamal

Christophe Sauthier

Dave Russell

Dave Walker

David Mandala

Erkan Yanar

James Hunt

Johan Kiviniemi

Jonathan Carter

Kapil Thangavelu

Larry Wikelius

mahmoh

Marc Cluet

Mark Russell

Martin Bogomolni

Matt Domsch

Michael Casadevall

Nick Barcet

Pär Eriksson

Registry Administrators

Rob Herring

Scott Moser

Serge Hallyn

Shang Wu

Stéphane Graber

Tom Ellis

Victor Tuson Palau