Bug 463305 - RFE: [LTC 6.0] 201350:Linux Containers: libvirt support [NEEDINFO]
RFE: [LTC 6.0] 201350:Linux Containers: libvirt support
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: libvirt (Show other bugs)
6.0
All All
high Severity high
: alpha
: 6.0
Assigned To: Daniel Veillard
Virtualization Bugs
: FutureFeature
Depends On:
Blocks: 356741 554559 555199 555224
  Show dependency treegraph
 
Reported: 2008-09-22 17:00 EDT by IBM Bug Proxy
Modified: 2010-07-02 15:23 EDT (History)
8 users (show)

See Also:
Fixed In Version: libvirt-0.7.1-2.el6
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-07-02 15:23:37 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
veillard: needinfo? (bugproxy)


Attachments (Terms of Use)

  None (edit)
Description IBM Bug Proxy 2008-09-22 17:00:36 EDT
=Comment: #0=================================================
Emily J. Ratliff <emilyr@us.ibm.com> - 2008-09-16 18:27 EDT
1. Feature Overview:
Feature Id:	[201350]
a. Name of Feature:	Linux Containers: libvirt support
b. Feature Description
Add Linux Containers as another virtualization domain to libvirt. Includes adding the necessary
extensions to define, create, modify, configure, stop and destroy a Linux container.

2. Feature Details:
Sponsor:	Xen
Architectures:
x86
x86_64
ppc64

Arch Specificity: Purely Common Code
Delivery Mechanism: Direct from community
Category:	Xen
Request Type:	Package - Update Version
d. Upstream Acceptance:	In Progress
Sponsor Priority	1
f. Severity: High
IBM Confidential:	no
Code Contribution:	3rd party code
g. Component Version Target:	libvirt 0.4.4 or later

3. Business Case
libvirt support for containers enables Linux Containers to be managed through virt-manager as well
as, though libvirt-cim set of providers by IBM management products (IBM Director/Tivoli)

4. Primary contact at Red Hat: 
John Jarvis
jjarvis@redhat.com

5. Primary contacts at Partner:
Project Management Contact:
Mike Wortman, wortman@us.ibm.com, 512-838-8582

Technical contact(s):
Vivek Kashyap, vivk@us.ibm.com

IBM Manager:
Warren Grunbok II, grunbok@us.ibm.com
Comment 2 Daniel Berrange 2008-09-23 05:04:13 EDT
FYI, the container support in libvirt-0.4.5 is very promising but there is significant development required before I'd consider it an enterprise quality solution - development both in the kernel & libvirt. 

A general overview of state as of writing this comment can be seen in this mail

https://lists.linux-foundation.org/pipermail/containers/2008-September/013237.html
Comment 3 IBM Bug Proxy 2009-02-05 00:00:41 EST
Kaitlin, assigning to you since this is for libvirt.

libvirt 0.4.6.2 and libvirt-cim 0.5.2 provide the function required here.
Comment 4 IBM Bug Proxy 2009-02-05 16:00:38 EST
libvirt needs iproute2 for containers with networking support.

libvirt-cim is dependent on the following:

libvirt              version >= 0.4.6.2
libcmpiutil       version >= 0.4
tog-pegasus   version >= 2.7.0
Comment 5 Daniel Berrange 2009-06-04 05:57:57 EDT
FYI, state of upstream LXC driver in libvirt

 - Core libvirt APIs available
 - Ability to use cgroups devices, memory, cpu & cpuacct controllers for resource limitation
 - Ability to add private filesystem mounts within the container
 - Private /dev/pts within the container
 - Private network interfaces within the container, bridged or NATd to LAN.
  - Two potential use cases for LXC driver
     1. Resource isolation of application workloads (memory, cpu, networking)
     2. Virtual OS containers

As of current kernel 2.6.30, only the first use case can be considered feasible for a real world usage. There are still several kernel features missing, before the 'Virtual OS containers' use case can be considered secure & until it is secure, it cannot be used in real world. At the very least we need user namespaces, such that user IDs inside the container are separate from those outside.  I don't see the kernel changes for user namespaces being ready in time for RHEL-6.

Thus from a libvirt POV, it would be feasible to include the LXC driver in RHEL-6 *provided* it is clear that the only intended use case is resource isolation for applications. Virtual OS containers must remain out of scope of support until kernel develops further.

There would also need to be a significant testing effort for the LXC driver in libvirt to make sure the driver itself is robust, and that the kernel resource controllers are actually working as intended.
Comment 6 RHEL Product and Program Management 2009-08-03 16:18:54 EDT
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux major release.  Product Management has requested further
review of this request by Red Hat Engineering, for potential inclusion in a Red
Hat Enterprise Linux Major release.  This request is not yet committed for
inclusion.
Comment 7 Daniel Veillard 2009-09-21 07:50:29 EDT
LXC support is actually compiled in libvirt-0.7.1-2 on all arches,
and that should be available on RHEL-6 Alpha 2 . I suggest to double
check this when Alpha 2 comes out and report,

  thanks,

Daniel
Comment 8 John Jarvis 2009-10-15 11:00:17 EDT
IBM is signed up to test and provide feedback
Comment 9 releng-rhel@redhat.com 2009-10-30 18:11:47 EDT
Fixed in 'libvirt-0.7.1-2.el6'. 'libvirt-0.7.1-2.el6.2' included in compose 'RHEL6.0-20091029.0'.
Moving to ON_QA.
Comment 10 dyuan 2010-06-24 05:29:42 EDT
Verified PASSED with libvirt-0.8.1-10.el6(has provided the support for LXC, tested on x86_64 and i386).
Comment 11 releng-rhel@redhat.com 2010-07-02 15:23:37 EDT
Red Hat Enterprise Linux Beta 2 is now available and should resolve
the problem described in this bug report. This report is therefore being closed
with a resolution of CURRENTRELEASE. You may reopen this bug report if the
solution does not work for you.

Note You need to log in before you can comment on or make changes to this bug.