Dave Leskovec wrote:
Daniel Hokka Zakrisson wrote:
> Dave Leskovec wrote:
>
>> Attached is a simple program that uses the clone() function to create a
>> container. This is not intended as a patch - just an example of what
>> creating a Linux Container looks like. Something along these lines will
>> be used by the Linux Container driver to start the domain. The code run
>> within this container is really simple. It just mounts the /proc file
>> system and then dumps the ps output to a file showing that the container
>> is in separate process space.
>>
>> To run this you will need to have PID namespaces support enabled. Turn
>> on CONFIG_PID_NS when compiling the kernel. You must run the program as
>> root or the clone() call will fail.
>>
>> Any questions or comments are welcome. Thanks!
>>
>
> You want to use at least CLONE_NEWIPC and CLONE_NEWUSER too. CLONE_NEWUTS
> is probably desired as well, so you can have different hostnames, and
> CLONE_NEWNET for networking (though that's probably not going to be usable
> until after 2.6.25, at least).
>
>
Thanks! I added CLONE_NEWIPC and CLONE_NEWUTS. Adding CLONE_NEWUSER
caused clone() to fail. I'm looking into that.

Make sure you have CONFIG_USER_NS=y

I'll post in the near future regarding CLONE_NEWNET, network support for
containers, and the XML format.
--
Daniel Hokka Zakrisson
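
Added example, not part of the thread or of the attached program: a probe that reports which of the namespace flags discussed above the running kernel accepts, so a failing clone() can be traced to a missing kernel option or to missing privilege. It assumes a Linux host with kernel headers, and it tests each flag with unshare() in a throwaway child instead of clone(); the names `probe_ns`, `diagnose` and `NS_FLAGS` are made up for this sketch.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <linux/sched.h>   /* CLONE_NEW* flag values */

struct ns_flag { int flag; const char *name; const char *config; };

/* Flags named in the thread, with the kernel option each one depends on. */
static const struct ns_flag NS_FLAGS[] = {
    { CLONE_NEWPID,  "CLONE_NEWPID",  "CONFIG_PID_NS"  },
    { CLONE_NEWIPC,  "CLONE_NEWIPC",  "CONFIG_IPC_NS"  },
    { CLONE_NEWUTS,  "CLONE_NEWUTS",  "CONFIG_UTS_NS"  },
    { CLONE_NEWUSER, "CLONE_NEWUSER", "CONFIG_USER_NS" },
    { CLONE_NEWNET,  "CLONE_NEWNET",  "CONFIG_NET_NS"  },
};

/* Try one flag in a throwaway child so the caller's namespaces never change.
 * Returns 0 if accepted, the child's errno if refused, -1 if the probe broke. */
int probe_ns(int flag)
{
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0)
        _exit(syscall(SYS_unshare, flag) == 0 ? 0 : (errno & 0xff));
    int status;
    if (waitpid(pid, &status, 0) != pid || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status);
}

/* Map a probe result to its most likely cause. */
const char *diagnose(int err, const struct ns_flag *f)
{
    if (err == 0)      return "supported";
    if (err == EINVAL) return f->config;   /* option likely not compiled in */
    if (err == EPERM)  return "not permitted (run as root)";
    return err > 0 ? strerror(err) : "probe failed";
}

int main(void)
{
    for (size_t i = 0; i < sizeof NS_FLAGS / sizeof NS_FLAGS[0]; i++) {
        int err = probe_ns(NS_FLAGS[i].flag);
        printf("%-14s %s\n", NS_FLAGS[i].name, diagnose(err, &NS_FLAGS[i]));
    }
    return 0;
}
```

A line that prints a CONFIG_ name means the kernel rejected that flag with EINVAL, which is what a kernel built without that option returns.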