[systemd-devel] A potentially cross platform solution for process containment in init applications

Rong tr071 at qq.com
Thu Mar 20 15:53:43 PDT 2014


Hi,

Currently systemd is using the cgroups kernel interface for process containment. Cgroups is a very easy solution on Linux to handle the double fork used by daemons, and it can help respawning services in case of self-crash. However, cgroups seems to be the major stopper for systemd to be cross platform.

I'm thinking about an alternative approach for process containment, utilizing the widely accepted FUSE interface in all major unix systems. Below is a brief description:
a). A fuse daemon will provide a special file system, let's say /run/initfs
b). For every daemon which needs to be contained, we can start a helper process first, and open a file in the special file system. For instance, to start the apache daemon, we start the helper and create/open a file "/run/initfs/apache". Make sure close-on-exit is NOT set on this file descriptor.
c). Fork-exec to start the daemon. Now we can identify all processes with a reference to "/run/initfs/apache" as a part of the apache daemon.

Aside from being cross platform, the FUSE interface also gives a very powerful API for many advanced functionalities. This initfs file server is basically a user-space extension of the kernel, just like some normal server in the microkernels. You could even have multiple instances of such an initfs server running on the same box (using separate vfs/pid namespaces to hide them from each other), thus making init on Linux containers much easier.

Any thoughts?
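
An added illustration of steps a) to c), not part of the original post and not systemd code: a helper opens a marker file, clears FD_CLOEXEC, and double-forks two daemons, one that keeps the inherited descriptor and one that closes it first, to show that membership by file reference holds only while the daemon keeps the descriptor open. Assumptions: an ordinary temp file stands in for `/run/initfs/apache`, a Linux-only `/proc/<pid>/fd` scan stands in for the FUSE server's own bookkeeping, and the function names are hypothetical.

```python
import os, signal, sys, tempfile

def holders(marker):
    """PIDs holding `marker` open, read from /proc/<pid>/fd (Linux only)."""
    target, found = os.path.realpath(marker), set()
    for pid in filter(str.isdigit, os.listdir("/proc")):
        try:
            for fd in os.listdir(f"/proc/{pid}/fd"):
                if os.readlink(f"/proc/{pid}/fd/{fd}") == target:
                    found.add(int(pid))
        except OSError:
            continue  # process exited, or not ours to inspect
    return found

def spawn_daemon(fd, keep_fd):
    """Double-fork and exec a sleeper; return the daemon's PID."""
    r, w = os.pipe()  # close-on-exec pipe: EOF on r means the exec happened
    pid = os.fork()
    if pid == 0:
        os.setsid()
        if os.fork() == 0:
            try:
                if not keep_fd:
                    os.close(fd)  # a daemon that closes inherited descriptors
                os.write(w, str(os.getpid()).encode())
                os.execv(sys.executable,
                         [sys.executable, "-c", "import time; time.sleep(30)"])
            finally:
                os._exit(1)  # reached only if exec failed
        os._exit(0)  # intermediate child exits, orphaning the daemon
    os.close(w)
    os.waitpid(pid, 0)
    with os.fdopen(r) as f:
        return int(f.read())

def demo():
    # Constructed stand-in for /run/initfs/apache: an ordinary temp file.
    fd, marker = tempfile.mkstemp(prefix="initfs-apache-")
    os.set_inheritable(fd, True)  # clear FD_CLOEXEC so the fd survives exec
    kept, dropped = spawn_daemon(fd, True), spawn_daemon(fd, False)
    os.close(fd)  # the helper drops its own reference
    members = holders(marker)
    for pid in (kept, dropped):
        os.kill(pid, signal.SIGKILL)
    os.unlink(marker)
    return kept in members, dropped in members

if __name__ == "__main__":
    print(demo())  # (daemon that kept the fd found?, daemon that closed it found?)
```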