Server Technical Specification: Agenda and First Draft

Richard W.M. Jones rjones at redhat.com
Sun Mar 2 16:05:27 UTC 2014 

On Sat, Mar 01, 2014 at 02:58:41PM +0530, Kashyap Chamarthy wrote:
> On Fri, Feb 28, 2014 at 02:56:52PM +0100, drago01 wrote:
> > On Fri, Feb 28, 2014 at 2:43 PM, Stephen Gallagher <sgallagh at redhat.com> wrote:
> 
> [. . .]
> 
> > SELinux working with it now.
> > <mclasen> dargo01: I think that statement may be evolving ?
> > <sgallagh> And Docker is moving to systemd-nspawn and away from lxc
> > <mclasen> but certainly valuable to raise the question on the list,
> > and see if lennart, dan or dan want to chime in
> > <drago01> sgallagh: "Note that even though these security precautions
> > are taken systemd-nspawn is not suitable for secure container setups.
> > Many of the security features may be circumvented and are hence
> > primarily useful to avoid accidental changes to the host system from
> > the container. The intended use of this program is debugging and
> > testing as well as building of packages, distributions and software
> > involved with boot and systems mana
> > <drago01> gement." [1]
> 
> Just to note - recently I did a test to compile libguestfs in a
> `systemd-nspawn` container. Details here[1]
> 
> A single `make` job timing to compile everything on a systemd-nspawn:
> 
>     real    31m9.792s
>     user    17m18.359s
>     sys     13m17.868s
> 
> For comparison, on the _host_, the same single `make` job timing:
> 
>     real    13m41.440s
>     user    13m5.816s
>     sys     1m9.911s

These results don't make much sense to me.  I would expect make to
take a similar time on both.

Do you have a proxy/cache that could be caching the RPMs that
yumdownloader fetches during the build?

Did you do the second build in the same directory as the first build?
'make clean' intentionally doesn't clean up some things like the
appliance and test images which require lengthy rebuilds.  You have to
use 'make maintainer-clean' or 'make distclean' instead.

libguestfs make (and especially 'make check') is a good stress-test,
but it's too complicated and irreproducible to be a good benchmark.

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
virt-df lists disk usage of guests without needing to install any
software inside the virtual machine.  Supports Linux and Windows.
http://people.redhat.com/~rjones/virt-df/

More information about the devel mailing list