Announcement

Collapse
No announcement yet.

Jailhouse Guest Support To Be Included With Linux 4.16

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Jailhouse Guest Support To Be Included With Linux 4.16

    Phoronix: Jailhouse Guest Support To Be Included With Linux 4.16

    With Linux 4.16 is initial support for the Jailhouse hypervisor to support native Linux guests in non-root cells...

    http://www.phoronix.com/scan.php?pag...lat-Linux-4.16

  • #2
    I wonder how this compares to running LXC user-mode containers. I use those a lot on servers to isolate processes like php and the web server in their own little read-only "jails". LXC is really fiddlely though and I hate using it. Often updates to the kernel or userland will break my containers so they won't start and it's difficult to figure out why.

    Things like KVM are too heavyweight because most of the time I'm basically creating "VM's" just for a single process. Also, often KVM-inside-a-VM doesn't work on hosting providers whereas LXC does.

    Comment


    • #3
      Originally posted by linner View Post
      I wonder how this compares to running LXC user-mode containers. I use those a lot on servers to isolate processes like php and the web server in their own little read-only "jails". LXC is really fiddlely though and I hate using it. Often updates to the kernel or userland will break my containers so they won't start and it's difficult to figure out why.

      Things like KVM are too heavyweight because most of the time I'm basically creating "VM's" just for a single process. Also, often KVM-inside-a-VM doesn't work on hosting providers whereas LXC does.
      Did you ever heard of Docker?

      Comment


      • #4
        Originally posted by tessio View Post
        Did you ever heard of Docker?
        Docker is a wrapper for LXC. Yes, I use it when it makes sense. Why?

        Comment


        • #5
          Originally posted by linner View Post

          Docker is a wrapper for LXC. Yes, I use it when it makes sense. Why?
          Docker hasn't been a LXC wrapper in a very long time.

          Comment


          • #6
            Originally posted by linner View Post

            Docker is a wrapper for LXC. Yes, I use it when it makes sense. Why?
            It's not a wrapper for LXC. If LXC isn't working for you, you should try it..

            Comment


            • #7
              So by the sound of it is this a kind of new Xen?

              Comment


              • #8
                Docker does in fact use LXC. It's all part of the same kernel subsystem (containers).

                Comment


                • #9
                  Originally posted by linner View Post
                  Docker does in fact use LXC. It's all part of the same kernel subsystem (containers).
                  Not exactly. Both Docker and LXC are user space applications based on low level kernel features (namespaces, cgroups, seccomp etc.)

                  Comment


                  • #10
                    I'd say those are high level (OS-level) kernel features. But anywho...

                    Comment

                    Working...
                    X