# Resource Containers Project



## minimike (Dec 2, 2010)

Hi

Under http://www.freebsdfoundation.org/project announcements.shtml#Edward has been anounced the Resource Containers Project for this month. Is there a Website for this project? And where I could get the code?

cheers Darko


----------



## SirDice (Dec 2, 2010)

http://www.freebsd.org/news/status/report-2010-07-2010-09.html#Resource-Containers


----------



## minimike (Dec 2, 2010)

Thank you, I have got Mr.Edward Napierala written a eMail. So I hope he will sent me links or the Code by Mail. 

cheers Darko


----------



## minimike (Dec 6, 2010)

Didn't get a answer  So anybody knows the stuff is maybe in 9 current available?


----------



## trasz@ (Dec 6, 2010)

Sorry, I think I've missed your mail somehow.  Anyway: the code is not yet in 9-CURRENT; expect patches somewhere in January, and commits to CURRENT some time after that.


----------



## minimike (Dec 7, 2010)

Oh thank you 

But this time they Patches will be integrated? So if FreeBSD 9 RELEASE will be available later, I could calculate with this feature? 

warm regards
Darko


----------



## trasz@ (Dec 7, 2010)

Yes, the plan is this will be available in 9.0-RELEASE.


----------



## graudeejs (Dec 7, 2010)

Any pointers when 9.0 will be out...? Looking very forward to it....


----------



## SirDice (Dec 7, 2010)

killasmurf86 said:
			
		

> Any pointers when 9.0 will be out...? Looking very forward to it....



I think currently the focus is to get 7.4-RELEASE and 8.2-RELEASE out the door. 

http://wiki.freebsd.org/FreeBSD9


----------



## minimike (Dec 8, 2010)

Hmm May 2011, that should be to late for me  Because my Startup begins to start on the first January 2011. So first Jails should be sold on February with selected few experienced customers on my BETA Program. 
If I would compile the 9 CURRENT without SSL, Kerberos, SSH, just minimized. Would it be a very high risk, to deploy them on a productive environment?


----------



## minimike (Dec 22, 2010)

*PUSH*

Any news about the Patches?


----------



## trasz@ (Dec 23, 2010)

According to the newsletter (http://foundation.freebsd.org/press/2010Dec-newsletter.shtml), patches will be available early January.  I'll post to this thread when it happens


----------



## minimike (Jan 22, 2011)

*PUSH*

one month later 
Any News?


----------



## trasz@ (Jan 22, 2011)

Well, it got delayed somewhat.  There are two outstanding bugs I want to fix before I release it:

1. When running userstat or jailstat, it sometimes panics.  I know where the problem is and I intend to fix it today or tomorrow.

2. The way %CPU is measured is FUBAR.  I _think_ I know how to do this properly.  If it doesn't work, I'll release it with %CPU broken and fix it later.

What is userstat?  Something like vmstat, only for resources, displaying the most important ones.  Looks like this:


```
$ userstat
USER    %CPU    LIMIT   RSS     LIMIT   VMEM    LIMIT   SWAP    LIMIT
root    0       -       19M     -       198M    -       106M    -
trasz   6       -       24M     50M     159M    -       112M    -
```


----------



## trasz@ (Jan 22, 2011)

Here is a _DEVELOPMENT SNAPSHOT_, containing code with KNOWN PROBLEMS described above.  But it may give you some idea what it looks like.  It's against 9.0-CURRENT.

http://people.freebsd.org/~trasz/rctl-20110122-known-bugs.diff


----------



## danger@ (Jan 22, 2011)

There a little update for this project is covered in an upcomming status report. I should release it in the beginning of the next week. Stay tuned


----------



## dennylin93 (Jan 23, 2011)

Excellent news! Will this be MFC'd to 8-STABLE once it is stable?


----------



## trasz@ (Jan 24, 2011)

@dennylin93: I think so.  I'm not sure about SysV IPC limits, though - they change ABI, so tools like ipcs(1) need to be rebuilt.


----------



## minimike (Feb 15, 2011)

Hello all 

So now, what's the current status? I hope it is in CURRENT completely now. Is there some Documentation for activating and configuring available? I have provided a box with FreeBSD 9 CURRENT for testing yesterday.

kind regards
Darko


----------



## trasz@ (Feb 15, 2011)

It's not yet in CURRENT.  Help with testing is welcome.  Patch is here: http://people.freebsd.org/~trasz/rctl-20110214.diff.  To use it, you'll need to add


```
options CONTAINERS
options RCTL
```

to your kernel config file (actually, patch should already add these to GENERIC) and rebuild the kernel.  Note that %CPU is still off, and it's a known problem.  The rest should work.


----------



## danger@ (Feb 15, 2011)

I don't think any code from this project has landed in CURRENT yet...or at least I didn't notice.


----------



## release (Feb 23, 2011)

Hello there,
This project seems very promising, is there any code commited to upstream ?

Trasz@ , did you find a way to fix %CPU?

Thanks
David.


----------



## release (Mar 9, 2011)

Hello, any news on this great project? 

Thank you


----------



## trasz@ (Mar 9, 2011)

@release: Testing shows it works, so I plan to merge it this weekend, or the weekend after.  %CPU turns out to be much more complicated than I thought, so that will have to wait.


----------



## release (Mar 10, 2011)

That's great news! Does the %CPU problem affect the CPU resource limitation? 

Thank you!


----------



## Galactic_Dominator (Mar 14, 2011)

I have periodically checked the wiki for about 2 years on this project.  Would probably be good to update that source as this thread is the only recent activity I've seen.


----------



## danger@ (Mar 31, 2011)

Seems like some (all?) parts of this work is currently being merged into FreeBSD-CURRENT.


----------



## zennybsd (Apr 4, 2011)

Eagerly looking forward to this project to be completed which will bring jails at par with the Solaris containers. Just tried to patch to the 8.2, but didn't work in my case.

This feature with VIMAGE+epair would boost the FreeBSD use by leaps and bounds, I presume.


----------



## trasz@ (Apr 4, 2011)

I'll prepare a new diff against 8.2 in a few days, after I finish merging.


----------



## minimike (Apr 5, 2011)

What I'm still missing is something to hide the complete output from "dmesg" inside a jail.
So is there a patch or something to configure available?
The Patch for 8.2 will be nice. Tell me please if it will be available for testing. Currently I decide me between FreeBSD Jails with Vnet and Linux Containers with Veth.


----------



## trasz@ (Apr 5, 2011)

@minimike: Why do you need to hide the dmesg output?


----------



## minimike (Apr 5, 2011)

trasz@ said:
			
		

> @minimike: Why do you need to hide the dmesg output?


If you are selling Linux Containers or FreeBSD jails costumers could see it. Exemplary on Linux Containers by default Shorewall a IPtables framework sends some messages so that costumers in there containers could see it in dmesg like some IPtables settings or other secret messages from the Host and from other Containers. The same with other stuff on FreeBSD Jails. Exemplary customers could calculate how many jails are running on the Host. This should be on an mass hosting environment a holy trade secret. For me as an ISP Startup who would like sell FreeBSD Jails for rent is that a real big problem.


----------



## trasz@ (Apr 5, 2011)

@minimike: Ok, makes sense.  Looks like you can do that already, using [cmd=]sysctl security.bsd.unprivileged_read_msgbuf=0[/cmd]


----------



## minimike (Apr 5, 2011)

trasz@ said:
			
		

> @minimike: Ok, makes sense.  Looks like you can do that already, using [cmd=]sysctl security.bsd.unprivileged_read_msgbuf=0[/cmd]



trasz@ thanks for this tip! But thats to strict :/ On my wishlist is something like a demsg output like under Solaris-Zones or Linux-Vservers. If you type dmesg there, they will shown only the output from the stuff whats happened inside the container. It will be needed on every commercial mass hosting environment. Without your work still will be great! But not enough


----------



## minimike (Apr 9, 2011)

Oh, I've forgotten it. So now, trasz@, which FreeBSD list do I have to visit/use to get more status information?


----------



## zennybsd (Sep 16, 2011)

*Eagerly waiting for updates!*



			
				trasz@ said:
			
		

> I'll prepare a new diff against 8.2 in a few days, after I finish merging.



@trasz: Any updates about the diff against 8.2? Any pointer or links?

I waited for the release of 9.0 which is supposedly included RCP but the release seems behind schedule (from what I read here http://wiki.freebsd.org/Releng/9.0TODO?highlight=((FreeBSD9))#Release_Schedule)

And what is the status of %CPU allocation? (Sad to read here just a while ago that it won't be ready till 9.0 release :-( )

*** If any of my posts helped you, please contribute to either http://www.freebsdfoundation.org/donate/ or http://www.thehumanape.org/. Appreciate it! Thanks for your understanding! ***


----------



## trasz@ (Sep 19, 2011)

The whole thing turned out to be more complicated than I originally thought, and I never backported it to 8.  I'd suggest to try out latest BETA, since it'll pretty close to the final 9.0.


----------



## zennybsd (Sep 20, 2011)

trasz@: Thanks for the info as well as the hard work you are doing to add more tweaks to jails resources. I shall try now to install 9-CURRENT. 

Is it advisable to upgrade from 8.2 to 9-CURRENT? Or just install fresh 9-CURRENT?



*** If any of my posts helped you, please contribute to either http://www.freebsdfoundation.org/donate/ or http://www.thehumanape.org/. Appreciate it! Thanks for your understanding! ***


----------



## trasz@ (Sep 22, 2011)

I upgraded a few machines (using source) without any problems.


----------



## zennybsd (Sep 23, 2011)

trasz@: thanks I shall try accordingly.

BTW, in 9-CURRENT, where do I need to specify the resourse and what parameters are supported besides that in 8? Any manual? The one here points to the old literatures.

Any pointer will be appreciated. Thanks!


----------



## trasz@ (Sep 23, 2011)

@zennybsd: "man rctl" would be a good start.  Note that you need to rebuild your kernel with "options RACCT" and "options RCTL".


----------



## zennybsd (Sep 23, 2011)

trasz@: I will define the options you stated when I run nanobsd.sh script. Thanks for reminder.

In the meantime, I found this new link which is updated.

Thanks for the hard work ;-)


----------

