463305 – RFE: [LTC 6.0] 201350:Linux Containers: libvirt support

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 463305 - RFE: [LTC 6.0] 201350:Linux Containers: libvirt support

Summary: RFE: [LTC 6.0] 201350:Linux Containers: libvirt support

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	libvirt
Sub Component:
Version:	6.0
Hardware:	All
OS:	All
Priority:	high
Severity:	high
Target Milestone:	alpha
Target Release:	6.0
Assignee:	Daniel Veillard
QA Contact:	Virtualization Bugs
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	356741 554559 555199 555224
TreeView+	depends on / blocked

Reported:	2008-09-22 21:00 UTC by IBM Bug Proxy
Modified:	2023-09-14 01:13 UTC (History)
CC List:	8 users (show)
Fixed In Version:	libvirt-0.7.1-2.el6
Doc Type:	Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed:	2010-07-02 19:23:37 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description IBM Bug Proxy 2008-09-22 21:00:36 UTC

=Comment: #0=================================================
Emily J. Ratliff <emilyr.com> - 2008-09-16 18:27 EDT
1. Feature Overview:
Feature Id:	[201350]
a. Name of Feature:	Linux Containers: libvirt support
b. Feature Description
Add Linux Containers as another virtualization domain to libvirt. Includes adding the necessary
extensions to define, create, modify, configure, stop and destroy a Linux container.

2. Feature Details:
Sponsor:	Xen
Architectures:
x86
x86_64
ppc64

Arch Specificity: Purely Common Code
Delivery Mechanism: Direct from community
Category:	Xen
Request Type:	Package - Update Version
d. Upstream Acceptance:	In Progress
Sponsor Priority	1
f. Severity: High
IBM Confidential:	no
Code Contribution:	3rd party code
g. Component Version Target:	libvirt 0.4.4 or later

3. Business Case
libvirt support for containers enables Linux Containers to be managed through virt-manager as well
as, though libvirt-cim set of providers by IBM management products (IBM Director/Tivoli)

4. Primary contact at Red Hat: 
John Jarvis
jjarvis

5. Primary contacts at Partner:
Project Management Contact:
Mike Wortman, wortman.com, 512-838-8582

Technical contact(s):
Vivek Kashyap, vivk.com

IBM Manager:
Warren Grunbok II, grunbok.com

Comment 2 Daniel Berrangé 2008-09-23 09:04:13 UTC

FYI, the container support in libvirt-0.4.5 is very promising but there is significant development required before I'd consider it an enterprise quality solution - development both in the kernel & libvirt. 

A general overview of state as of writing this comment can be seen in this mail

https://lists.linux-foundation.org/pipermail/containers/2008-September/013237.html

Comment 3 IBM Bug Proxy 2009-02-05 05:00:41 UTC

Kaitlin, assigning to you since this is for libvirt.

libvirt 0.4.6.2 and libvirt-cim 0.5.2 provide the function required here.

Comment 4 IBM Bug Proxy 2009-02-05 21:00:38 UTC

libvirt needs iproute2 for containers with networking support.

libvirt-cim is dependent on the following:

libvirt              version >= 0.4.6.2
libcmpiutil       version >= 0.4
tog-pegasus   version >= 2.7.0

Comment 5 Daniel Berrangé 2009-06-04 09:57:57 UTC

FYI, state of upstream LXC driver in libvirt

 - Core libvirt APIs available
 - Ability to use cgroups devices, memory, cpu & cpuacct controllers for resource limitation
 - Ability to add private filesystem mounts within the container
 - Private /dev/pts within the container
 - Private network interfaces within the container, bridged or NATd to LAN.
  - Two potential use cases for LXC driver
     1. Resource isolation of application workloads (memory, cpu, networking)
     2. Virtual OS containers

As of current kernel 2.6.30, only the first use case can be considered feasible for a real world usage. There are still several kernel features missing, before the 'Virtual OS containers' use case can be considered secure & until it is secure, it cannot be used in real world. At the very least we need user namespaces, such that user IDs inside the container are separate from those outside.  I don't see the kernel changes for user namespaces being ready in time for RHEL-6.

Thus from a libvirt POV, it would be feasible to include the LXC driver in RHEL-6 *provided* it is clear that the only intended use case is resource isolation for applications. Virtual OS containers must remain out of scope of support until kernel develops further.

There would also need to be a significant testing effort for the LXC driver in libvirt to make sure the driver itself is robust, and that the kernel resource controllers are actually working as intended.

Comment 6 RHEL Program Management 2009-08-03 20:18:54 UTC

This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux major release.  Product Management has requested further
review of this request by Red Hat Engineering, for potential inclusion in a Red
Hat Enterprise Linux Major release.  This request is not yet committed for
inclusion.

Comment 7 Daniel Veillard 2009-09-21 11:50:29 UTC

LXC support is actually compiled in libvirt-0.7.1-2 on all arches,
and that should be available on RHEL-6 Alpha 2 . I suggest to double
check this when Alpha 2 comes out and report,

  thanks,

Daniel

Comment 8 John Jarvis 2009-10-15 15:00:17 UTC

IBM is signed up to test and provide feedback

Comment 9 releng-rhel@redhat.com 2009-10-30 22:11:47 UTC

Fixed in 'libvirt-0.7.1-2.el6'. 'libvirt-0.7.1-2.el6.2' included in compose 'RHEL6.0-20091029.0'.
Moving to ON_QA.

Comment 10 dyuan 2010-06-24 09:29:42 UTC

Verified PASSED with libvirt-0.8.1-10.el6(has provided the support for LXC, tested on x86_64 and i386).

Comment 11 releng-rhel@redhat.com 2010-07-02 19:23:37 UTC

Red Hat Enterprise Linux Beta 2 is now available and should resolve
the problem described in this bug report. This report is therefore being closed
with a resolution of CURRENTRELEASE. You may reopen this bug report if the
solution does not work for you.

Comment 12 Red Hat Bugzilla 2023-09-14 01:13:42 UTC

The needinfo request[s] on this closed bug have been removed as they have been unresolved for 1000 days

Note You need to log in before you can comment on or make changes to this bug.