Many of today's computing systems include computing resources that are not fully utilized. The owners of these systems often could benefit by increasing the utilization of these systems' computing resources.
A number of approaches could be adopted in order to increase utilization. Under a “consolidation” approach, the processes and data of multiple parties might be co-located on a single hardware unit in order to more fully utilize the resources of the hardware unit. Under the consolidation approach, multiple parties might share a single hardware unit's resources, including file systems, network connections, and memory structures. For example, multiple businesses might have separate websites that are hosted by the same server.
However, some of the parties might not know or trust each other. In some cases, some of the parties actually might be competitors with others of the parties. Under such circumstances, each party would want to ensure that its processes and data were shielded, or isolated, from access by other parties and those other parties' processes.
Mechanisms that would isolate one party's processes and data from other parties sharing the same hardware unit have been proposed. For example, a “jail” mechanism provides the ability to partition an operating system environment (“OSE”) into a “non-jailed” environment and one or more “jailed” environments. The jail mechanism allows users, processes, and data to be associated with a jailed environment. For example, one group of users, processes, and data may be associated with one jailed environment, and another group of users, processes, and data may be associated with another jailed environment. The jail mechanism restricts users and processes that are associated with a particular jailed environment from accessing processes and data that are associated with environments (both jailed and non-jailed) other than the particular jailed environment.
Some OSEs provide a statistics recording mechanism that records statistics that pertain to one or more resources that are defined within the OSE. For example, the resources defined within an OSE might include one or more separate Network File System (“NFS”) mounts. Each NFS mount might be associated with a separate statistical data structure. When data is written to a particular NFS mount, the statistics recording mechanism might update, for example, information in the particular NFS mount's associated statistical data structure. The information might include, for example, an indication of the quantity of data that has been written to the particular NFS mount.
As discussed above, an OSE may be partitioned into a non-jailed environment and one or more jailed environments. However, no previous statistics recording approaches contemplated multiple partitions within an OSE. Because previous statistics recording approaches did not contemplate a partitioned OSE, previous statistics recording approaches do not account for certain security and scope issues that do not arise in non-partitioned OSEs.