Date: Tue, 27 Jan 2015 08:17:05 -0600 From: Mark Felder <feld@FreeBSD.org> To: freebsd-jail@freebsd.org Subject: Re: preferred jail management tool Message-ID: <1422368225.3958980.219494573.4EAD939C@webmail.messagingengine.com> In-Reply-To: <54C7958B.40007@gmail.com> References: <CACfj5vKjiQHsy9VbOKFFcrBpyr3dmbkOOxTxCYhSyZrnrjRiaQ@mail.gmail.com> <CAHieY7TyxzC0aK-ErY2EbCmTJPykk_9G7Gd=CrZ9yxQ-77PynA@mail.gmail.com> <20150127012347.GA4940@lonesome.com> <20150127141239.V77290@sola.nimnet.asn.au> <54C7958B.40007@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jan 27, 2015, at 07:41, Ernie Luzar wrote:
>
> On the subject of vimage/vnet, vimage has many outstanding PRs and has
> received absolutely no maintenance since it was first published.
This statement is ridiculous.
r276747 | rodrigc | 2015-01-06 03:03:03 -0600 (Tue, 06 Jan 2015) | 7
lines
Instead of creating a purge thread for every vnet, create
a single purge thread and clean up all vnets from this thread.
r276746 | rodrigc | 2015-01-06 02:39:06 -0600 (Tue, 06 Jan 2015) | 14
lines
Merge: r258322 from projects/pf branch
Split functions that initialize various pf parts into their
vimage parts and global parts.
Since global parts appeared to be only mutex initializations, just
abandon them and use MTX_SYSINIT() instead.
Kill my incorrect VNET_FOREACH() iterator and instead use correct
approach with VNET_SYSINIT().
r275599 | rodrigc | 2014-12-08 01:25:59 -0600 (Mon, 08 Dec 2014) | 11
lines
Use CURVNET macros inside inet_get_local_port_range() function.
Without this fix, a kernel with VIMAGE + Infiniband will panic on
bootup.
Certain necessary #include statements require LIST_HEAD.
Add these includes to ofed/include/linux/list.h, because
LIST_HEAD is specifically overridden in this file.
r275555 | rodrigc | 2014-12-05 20:59:59 -0600 (Fri, 05 Dec 2014) | 8
lines
MFp4: @181627
Allow UMA allocated memory to be freed when VNET jails are torn down.
r274803 | rodrigc | 2014-11-21 11:57:37 -0600 (Fri, 21 Nov 2014) | 4
lines
Create a vimage.9 link to vnet.9
r274745 | rodrigc | 2014-11-20 03:56:34 -0600 (Thu, 20 Nov 2014) | 8
lines
MFp4: @179066
Add page which describes VNET network stack virtualization
infrastructure.
r274744 | rodrigc | 2014-11-20 02:11:54 -0600 (Thu, 20 Nov 2014) | 15
lines
Set the current vnet inside the ioctl handler for ipfilter.
Without this fix, the vnet was NULL and would crash.
This fix is similar to what was done inside the ioctl handler for PF.
Tested by:
(1) Boot a kernel with "options VIMAGE" enabled
(2) Type:
echo "map lo0 from 10.0.0.0/24 to ! 10.0.0.0/24 -> 127.0.0.1/32" >
/etc/ipnat.rules ; service ipnat onerestart
r272889 | hrs | 2014-10-10 01:45:13 -0500 (Fri, 10 Oct 2014) | 5 lines
Virtualize if_epair(4). An if_xname check for both "a" and "b"
interfaces
is added to return EEXIST when only "b" interface exists---this can
happen
when epair<N>b is moved to a vnet jail and then "ifconfig epair<N>
create"
is invoked there.
r272386 | hrs | 2014-10-01 16:37:32 -0500 (Wed, 01 Oct 2014) | 10 lines
Virtualize lagg(4) cloner. This change fixes a panic when tearing down
if_lagg(4) interfaces which were cloned in a vnet jail.
Sysctl nodes which are dynamically generated for each cloned interface
(net.link.lagg.N.*) have been removed, and use_flowid and flowid_shift
ifconfig(8) parameters have been added instead. Flags and per-interface
statistics counters are displayed in "ifconfig -v".
I could go on, but I'm sure you can search the svn logs yourself.
> Vimage has to be compiled into the kernel and its kernel compile option
> has comment that it is highly experimental.
No it doesn't.
# Network stack virtualization.
#options VIMAGE
#options VNET_DEBUG # debug for VIMAGE
See for yourself:
https://svnweb.freebsd.org/base/head/sys/conf/NOTES?view=markup
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1422368225.3958980.219494573.4EAD939C>