Podman

From CRIU
Jump to: navigation, search

This article describes the status of CRIU integration with Podman, and how to use it.

Container Checkpoint/Restore[edit]

Podman supports checkpointing and restoring since version 0.10.1 (October 2018). This initial support only supports checkpointing and restoring containers on the same host:

# podman run -d --name looper busybox /bin/sh -c \
         'i=0; while true; do echo $i; i=$(expr $i + 1); sleep 1; done'

You can verify that the container is running by observing its logs:

# podman logs -l

Or by running podman ps.

If you do this a few times you will notice that the integers are increasing. Now the container can be checkpointed:

# podman container checkpoint -l

Once the container is checkpointed it will be no longer visible in podman ps.

The following command can be used to restore the container:

# podman container restore -l

Using podman logs -l or podman ps it can be verified that the container was restored and that it continued running from the point in time when it was checkpointed.

This requires at least CRIU 3.11.

There is one recording demonstrating Podman's checkpoint/restore support:

Container Live Migration[edit]

To be actually able to migrate a container from one system to another at least Podman version 1.4.0 (June 2019) is required. With version 1.4.0 Podman is now able to export a complete checkpoint which can then be transferred:

# podman run -d --name looper busybox /bin/sh -c \
         'i=0; while true; do echo $i; i=$(expr $i + 1); sleep 1; done'
# podman container checkpoint -l --export=/tmp/chkpt.tar.gz
# scp /tmp/chkpt.tar.gz <destination-host>:/tmp

Once the checkpoint archive has been transferred to the destination system the container can there be restored from the checkpoint archive:

# podman container restore --import=/tmp/chkpt.tar.gz

Now the container continues to run from the same point where it was previously checkpointed on the source system.

From a checkpoint archive it is also possible to restore multiple copies of a container with different names:

# podman container restore --import=/tmp/chkpt.tar.gz -n looper1
# podman container restore --import=/tmp/chkpt.tar.gz -n looper2
# podman container restore --import=/tmp/chkpt.tar.gz -n looper3

Each of these restored containers will be running from the point in time the container was checkpointed.

One important limitation is that the container cannot modify the file-system. If a container modifies the file-system, these modified directories either have to be mounted into the container (-v) or these directories have to be marked as --tmpfs.

This requires at least CRIU 3.12 (3.12.1 with full SELinux support).

There are two recordings demonstrating Podman's container migration feature: