--- /dev/null
+subhost scripts
+===============
+
+This is the script collection for a bespoke "sub host" platform for
+running sandboxed services directly on the infrastructure hosts rather
+than within virtual machines (VM).
+
+It sets up the sub hosts fully within the $SUBHOST directory tree,
+originally +/opt/subhost+, and each subhost system is represented
+there as its own directory tree whose top level contains the
+following:
+
+ * +config+ is a bash include file that declares the subhost setup for
+ the control script.
+
+ * +live+ is the root of the subhost filesystem when activated. It
+ gets set up either as an +rbind+ mount of the subhost +root+ or as an
+ +overlay+ mount placing the subhost +root+ over a common, read-only
+ base filesystem.
+
+ * +root+ is the directory that contains the subhost filesystem (root
+ filesystem). This may be the file system in full, or the writable
+ part of the overlay filesystem.
+
+ * +work+ is the work directory for the overlay mount, unless the
+ subhost is equipped with an image file for its root filesystem (in
+ which case that image file offers the work directory)
+
+ * +mnt+ is optional. It is used as the mount target for the image
+ file when the subhost has one.
+
+ * +$SUB.img+ (for the subhost named +$SUB+)is the optional image file
+ for a subhost. The image file must itself have top directories
+ +/root+ and +/work+ which then are used instead of those of the
+ subhost tree. I.e. with an image file, the overlay root portion is at
+ +$SUB/mnt/root+ and the associated work directory is at
+ +$SUB/mnt/work+ (following the mounting of the image +$SUB.img+ onto
+ +mnt+.
+
+Networking
+----------
+
+Each subhost +$SUB+ gets set up with a network namespace +$SUB+, with
++veth+ virtual cabling for the +$BRIDGES+ it is declared to attach to.
+
+The cable interfaces show up inside the +$SUB+ namespace as +eth0+,
++eth1+, etc., while the host side interfaces have +$SUB+ as prefix,
+followed be the same number.
+
+
+Examples
+--------
+
+. start a subhost named +future+
+----
+# ./control start future
+----
+
+Starting a subhost will enter a bash shell "inside" the subhost. The
+subhost is "running" as long as that shell exists; it is basically
+like the "init" of the sandboxed subhost.
+
+When exiting a subhost, its mounts and network namespace hang around,
+but all its processes have got killed. This is like a "hibernation
+state" for the subhost, which may be restarted (without stopping)
+using the start command again.
+
+. stop a subhost named +future+
+----
+# ./control stop future
+----
+
+The stop command unmounts everything for the subhost and deletes the
+network namespace.
projects / rrq / subhost.git / commitdiff