[Libvir] A sample program to create a Linux Container

Dave Leskovec dlesko at linux.vnet.ibm.com
Fri Jan 25 19:30:35 UTC 2008


Daniel Hokka Zakrisson wrote:
> Dave Leskovec wrote:
>   
>> Attached is a simple program that uses the clone() function to create a
>> container.  This is not intended as a patch - just an example of what
>> creating a Linux Container looks like.  Something along these lines will
>> be used by the Linux Container driver to start the domain.  The code run
>> within this container is really simple.  It just mounts the /proc file
>> system and then dumps the ps output to a file showing that the container
>> is in separate process space.
>>
>> To run this you will need to have PID namespaces support enabled.  Turn
>> on CONFIG_PID_NS when compiling the kernel.  You must run the program as
>> root or the clone() call will fail.
>>
>> Any questions or comments are welcome.  Thanks!
>>     
>
> You want to use at least CLONE_NEWIPC and CLONE_NEWUSER too. CLONE_NEWUTS
> is probably desired as well, so you can have different hostnames, and
> CLONE_NEWNET for networking (though that's probably not going to be usable
> until after 2.6.25, at least).
>
>   
Thanks!  I added CLONE_NEWIPC and CLONE_NEWUTS.  Adding CLONE_NEWUSER 
caused clone() to fail.  I'm looking into that.

I'll post in the near future regarding CLONE_NEWNET, network support for 
containers, and the XML format.

-- 
Best Regards,
Dave Leskovec
IBM Linux Technology Center
Open Virtualization
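
The attachment is not reproduced in this archive, so the following is an added example, not Dave Leskovec's program or libvirt code: a clone() call with CLONE_NEWPID, CLONE_NEWIPC and CLONE_NEWUTS whose child mounts its own /proc and reports the PID it sees for itself. Assumptions: CLONE_NEWNS is added so the /proc mount stays out of the host's mount table, the names `run_container` and `container_main` are hypothetical, and the result comes back over a pipe rather than as ps output in a file.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <sched.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mount.h>
#include <sys/wait.h>
#include <unistd.h>

#define STACK_SIZE (64 * 1024)

/* First process in the new namespaces; arg points at the pipe's write end. */
static int container_main(void *arg)
{
    int self = (int)getpid();                /* 1 inside a new PID namespace */
    /* Assumption: CLONE_NEWNS is set, so these mounts are private to the
     * child. Stop propagation to the host, then mount a procfs that only
     * shows this PID namespace's processes. */
    if (mount(NULL, "/", NULL, MS_REC | MS_PRIVATE, NULL) < 0 ||
        mount("proc", "/proc", "proc", 0, NULL) < 0)
        self = -errno;
    return write(*(int *)arg, &self, sizeof(self)) == sizeof(self) ? 0 : 1;
}

/* Returns the PID the child sees for itself (1 on success) or -errno. */
int run_container(void)
{
    int fds[2], inner = -EIO, flags = CLONE_NEWPID | CLONE_NEWNS |
                                      CLONE_NEWIPC | CLONE_NEWUTS | SIGCHLD;
    char *stack = malloc(STACK_SIZE);
    if (!stack) return -ENOMEM;
    if (pipe(fds) < 0) { free(stack); return -errno; }
    /* The stack grows down, so clone() takes the top of the buffer. */
    pid_t child = clone(container_main, stack + STACK_SIZE, flags, &fds[1]);
    int err = errno;                         /* e.g. EPERM when not root */
    close(fds[1]);
    if (child > 0) {
        if (read(fds[0], &inner, sizeof(inner)) != sizeof(inner)) inner = -EIO;
        waitpid(child, NULL, 0);
    } else inner = -err;
    close(fds[0]);
    free(stack);
    return inner;
}

int main(void)
{
    int r = run_container();
    if (r < 0) { fprintf(stderr, "failed: %s\n", strerror(-r)); return 1; }
    printf("PID seen inside the container: %d\n", r);
    return 0;
}
```

Returning the negated errno makes it visible which step failed (clone() or a mount) when a flag combination is rejected.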



