1,734
edits
Changes
first version of history
This page describes history of containers in Linux kernel as technology in opposite to page with project history.
== 1999 ==
* chroot() was added (?)
* Mount namespaces (mount points, filesystems etc.)
* UTS (Unix Time Sharing) namespaces
** sysname
** nodename
** release
** version
** machine
** domainname
* IPC (System V IPC resources)
* User namespaces (UID, GID)
== 2004 ==
* [https://www.kernel.org/doc/Documentation/cgroups/cpusets.txt Cpusets]<ref>[http://man7.org/linux/man-pages/man7/cpuset.7.html cpusets(7)]</ref> appeared in version 2.6.12 of the Linux kernel. Cpusets provide a mechanism for assigning a set of CPUs and Memory Nodes to a set of tasks.
== 2006 ==
* It was Paul Menage’s approach<ref>[https://www.kernel.org/doc/ols/2007/ols2007v2-pages-45-58.pdf Adding Generic Process Containers to the Linux Kernel]</ref> in 2006 of adapting the cpusets mechanism already in the mainline kernel that really moved containerization on Linux forward, requiring minimally intrusive changes with little impact on performance, code quality, complexity, and future compatibility. The result was [https://lkml.org/lkml/2006/10/20/251 generic process containers], which were later [https://lwn.net/Articles/256389/ renamed control groups], or cgroups, to reflect the fact that “this code is an important part of a container solution… it’s far from the whole thing.” Cgroups allow processes to be grouped together, and ensure that each group gets a share of memory, CPU and disk I/O; preventing any one container from monopolizing any of these resources. [http://www.toptal.com/linux/separation-anxiety-isolating-your-system-with-linux-namespaces Kernel namespaces] are another key part of a container solution, with Red Hatter Eric W. Biederman’s 2008 [https://lwn.net/Articles/528078/ user namespaces] patches being [https://lwn.net/Articles/531114/ arguably the most complex] and one of the most important namespaces in the context of containers. The implementation of user namespaces allows a process to have it’s own set of users and in particular to [http://lists.linuxfoundation.org/pipermail/containers/2012-November/031047.html allows a process root privileges inside a container], but not outside.
== 2007 ==
* Sep 2007: '''NET namespaces''' A network namespace is logically another copy of the network stack, with its own routes, firewall rules, and network interfaces. The network namespace is represented by struct net (defined in [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/include/net/net_namespace.h include/net/net_namespace.h]).
* Jul 2007: '''PID namespaces.''' Implemented in [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/kernel/pid_namespace.c kernel/pid_namespace.c] <ref>[http://marc.info/?t=118370913600004&r=1&w=2 PID namespaces patches]</ref><ref>[https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4c3f2ead5a3dff9069a45560ba4d007c8ae2e2ee pid namespaces: introduce struct upid]</ref> PID namespaces.
== 2008 ==
* Feb 2008: '''memory cgroups'''<ref>[https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8cdea7c05454260c0d4d83503949c358eb131d17 Memory controller: cgroups setup]</ref>.
* Apr 2008: '''device cgroups'''<ref>[https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=08ce5f16ee466ffc5bf243800deeecd77d9eaf50 cgroups: implement device whitelist]</ref>.
== 2014 ==
* Mar 2014: NFS virtualization (client and server) support<ref>[http://marc.info/?l=linux-nfs&m=131349235221612&w=2 NFS client virtualization plan]</ref><ref>[http://marc.info/?l=linux-nfs&m=131583600130390&w=2 NFS client virtualization plan v2]</ref>.
== References ==
{{Reflist|30em}}
== See also ==
* Not so brief history of Linux Containers - Kir Kolyshkin ([http://www.slideshare.net/openvz/not-so-brief-history-of-linux-containers-kir-kolyshkin slides], [https://www.youtube.com/watch?v=e5Mz0XElYXk&feature=youtu.be&t=21m13s video])
* [http://rhelblog.redhat.com/2015/08/28/the-history-of-containers/ The History of Containers]
== 1999 ==
* chroot() was added (?)
* Mount namespaces (mount points, filesystems etc.)
* UTS (Unix Time Sharing) namespaces
** sysname
** nodename
** release
** version
** machine
** domainname
* IPC (System V IPC resources)
* User namespaces (UID, GID)
== 2004 ==
* [https://www.kernel.org/doc/Documentation/cgroups/cpusets.txt Cpusets]<ref>[http://man7.org/linux/man-pages/man7/cpuset.7.html cpusets(7)]</ref> appeared in version 2.6.12 of the Linux kernel. Cpusets provide a mechanism for assigning a set of CPUs and Memory Nodes to a set of tasks.
== 2006 ==
* It was Paul Menage’s approach<ref>[https://www.kernel.org/doc/ols/2007/ols2007v2-pages-45-58.pdf Adding Generic Process Containers to the Linux Kernel]</ref> in 2006 of adapting the cpusets mechanism already in the mainline kernel that really moved containerization on Linux forward, requiring minimally intrusive changes with little impact on performance, code quality, complexity, and future compatibility. The result was [https://lkml.org/lkml/2006/10/20/251 generic process containers], which were later [https://lwn.net/Articles/256389/ renamed control groups], or cgroups, to reflect the fact that “this code is an important part of a container solution… it’s far from the whole thing.” Cgroups allow processes to be grouped together, and ensure that each group gets a share of memory, CPU and disk I/O; preventing any one container from monopolizing any of these resources. [http://www.toptal.com/linux/separation-anxiety-isolating-your-system-with-linux-namespaces Kernel namespaces] are another key part of a container solution, with Red Hatter Eric W. Biederman’s 2008 [https://lwn.net/Articles/528078/ user namespaces] patches being [https://lwn.net/Articles/531114/ arguably the most complex] and one of the most important namespaces in the context of containers. The implementation of user namespaces allows a process to have it’s own set of users and in particular to [http://lists.linuxfoundation.org/pipermail/containers/2012-November/031047.html allows a process root privileges inside a container], but not outside.
== 2007 ==
* Sep 2007: '''NET namespaces''' A network namespace is logically another copy of the network stack, with its own routes, firewall rules, and network interfaces. The network namespace is represented by struct net (defined in [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/include/net/net_namespace.h include/net/net_namespace.h]).
* Jul 2007: '''PID namespaces.''' Implemented in [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/kernel/pid_namespace.c kernel/pid_namespace.c] <ref>[http://marc.info/?t=118370913600004&r=1&w=2 PID namespaces patches]</ref><ref>[https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4c3f2ead5a3dff9069a45560ba4d007c8ae2e2ee pid namespaces: introduce struct upid]</ref> PID namespaces.
== 2008 ==
* Feb 2008: '''memory cgroups'''<ref>[https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8cdea7c05454260c0d4d83503949c358eb131d17 Memory controller: cgroups setup]</ref>.
* Apr 2008: '''device cgroups'''<ref>[https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=08ce5f16ee466ffc5bf243800deeecd77d9eaf50 cgroups: implement device whitelist]</ref>.
== 2014 ==
* Mar 2014: NFS virtualization (client and server) support<ref>[http://marc.info/?l=linux-nfs&m=131349235221612&w=2 NFS client virtualization plan]</ref><ref>[http://marc.info/?l=linux-nfs&m=131583600130390&w=2 NFS client virtualization plan v2]</ref>.
== References ==
{{Reflist|30em}}
== See also ==
* Not so brief history of Linux Containers - Kir Kolyshkin ([http://www.slideshare.net/openvz/not-so-brief-history-of-linux-containers-kir-kolyshkin slides], [https://www.youtube.com/watch?v=e5Mz0XElYXk&feature=youtu.be&t=21m13s video])
* [http://rhelblog.redhat.com/2015/08/28/the-history-of-containers/ The History of Containers]