New snapshot: network stack cloning / virtualization patches
Marko Zec
zec at tel.fer.hr
Fri Sep 12 06:06:30 PDT 2003
Network stack cloning patches allow for multiple fully independent network
stacks to simultaneously coexistst in a single FreeBSD kernel. Combined with
jail-style separation between user processes and with proportional-share
extensions to the standard BSD CPU scheduler, the patched kernel can
efficiently provide isolated and controllable pseudo virtual machine
environments. The patches preserve the userland to kernel API/ABI, so all
existing applications can run on the patched kernel without any need for
modifications / recompiling.
The latest snapshot of the patches (against 4.8-RELEASE) can be found at
http://www.tel.fer.hr/zec/vimage/
What's new:
Internal restructuring - struct vimage is now separated in resource-specific
containers for network stack (vnet), jail-style process group (vprocg), and
CPU scheduling (vcpu). This should allow for more modular resource
virtualization in the future, however the necessary management API has yet to
be implemented;
Kernel message buffers - each vimage / vprocg now has a private kernel message
buffer instance, thus allowing for (virtualized) printf() and log() messages
from within the kernel to be routed to the appropriate msgbuf. The /dev/log
interface has been hacked to support for multiple syslogd instances to access
it simultaneously, while each receiving only the messages from the
appropriate msgbuf instance;
Several important bugfixes in TCP code virtualization.
Cheers,
Marko
More information about the freebsd-net
mailing list