On Jun 2, 2012, at 09:59 , Jeff Liu wrote:

Hi Serge,

On 06/02/2012 12:04 AM, Serge Hallyn wrote:

quoted

Quoting Jan Kara (jack@suse.cz):

quoted

 Hello,

On Wed 30-05-12 22:58:54, jeff.liu@oracle.com wrote:

quoted

According to glauber's comments regarding container disk quota, it should be binded to mount
namespace rather than cgroup.

Per my try out, it works just fine by combining with userland quota utilitly in this way.
However, they are something has to be done at user tools too IMHO.

Currently, the patchset is in very initial phase, I'd like to post it early to seek more
feedbacks from you guys.

Hopefully I can clarify my ideas clearly.

 So what I miss in this introductory email is some highlevel description
like what is the desired functionality you try to implement and what is it
good for. Looking at the examples below, it seems you want to be able to
set quota limits for namespace-uid (and also namespace-gid???) pairs, am I
right?

 If yes, then I would like to understand one thing: When writing to a
file, used space is accounted to the owner of the file. Now how do we
determine owning namespace? Do you implicitely assume that only processes
from one namespace will be able to access the file?

								Honza

Not having looked closely at the original patchset, let me ask - is this
feature going to be a freebie with Eric's usernamespace patches?

It we can reach a consensus to bind quota on mount namespace for
container or other things maybe.

1. OpenVZ doesn't use mount namespaces and still has quotas per container.

2. BTW, have you seen Dmitry Monakhov patches for same containers quotas via additional inode attribute? it allows to make it journaled.
How quotas are stored in your case?

3. I tend to think nowdays such quotas maybe of less need. Quota code doesn't scale well. And it's easier to put container in image file (as OpenVZ recently introduced).

Thanks,
Kirill