Jump to: navigation, search


1,847 bytes removed, 21:07, 24 January 2017
no edit summary
Docker wants to manage the full lifecycle of processes running inside one if its containers, which makes it important for CRIU and Docker to work closely together when trying to checkpoint and restore a container. This is being achieved by adding the ability to checkpoint and restore directly into Docker itself, powered under the hood by CRIU. This integration is a work in progress, and its status will be outlined below.
== Docker 1.10 Experimental ==
The easiest way to try CRIU and Docker together Checkpoint & Restore is to install [ this pre-compiled version of now available in the _experimental_ runtime mode for Docker]. It's based on Docker 1.10, and built with the <code>DOCKER_EXPERIMENTAL</code> build tag.  To install, download the <code>docker-1.10.0-dev</code> binary to Simply start your system. You'll need to start a docker daemon from this binary, and then you can use the same binary to communicate with that daemon. To start a docker daemon, run a command something like this:  $ docker-1.10.0-dev daemon -D --graph=/var/lib/docker-dev --host unix:///var/run/docker-dev.sock The '''graph--experimental''' and '''host''' options will prevent colliding with an existing installation of Docker, but you can replace your existing docker if desired. In another shell, you can then connect to that daemon:  $ docker-1enable the feature.10.0-dev --host unix:///var/run/docker-dev.sock run -d busybox top
=== Dependencies ===
In addition to downloading the binary above (or compiling one yourself)installing version 1.13 of Docker, you need '''CRIU''' installed on your system, with at least version 2.0. You also need some shared libraries on your system. The most likely things you'll need to install are '''libprotobuf-c''' and '''libnl-3'''. Here's an output of <code>ldd</code> on my system:
$ ldd `which criu`
=== checkpoint ===
Creating a checkpoint is There's a top level <code>checkpoint</code> sub-command in Docker command with this , which lets you create a new version of checkpoint, and list or delete an existing checkpoint. These checkpoints are stored and managed by Docker, unless you specify a custom storage path.  Here's an example of creating a checkpoint, from a container that simply logs an integer in a loop. From this point forward, commands are show using '''docker''' instead of '''docker-dev-1.10''', but if you have not installed this version globally you can use the latter.
First, we create container:
If you do this a few times you'll notice the integer increasing. Now, we checkpoint the container:
$ docker checkpoint create loopercheckpoint1
You should see that the process is no longer running, and if you print the logs a few times no new logs will be printed.
=== restore ===
Like '''Unlike creating a checkpoint''', restoring from a checkpoint is just a flag provided to the normal container '''restorestart''' is a top level command in this version of Dockercall. Continuing our example, letHere's restore the same containeran example:
$ docker restore start --checkpoint checkpoint1 looper
If we then print the logs, you should see they start from where we left off and continue to increase.
==== Restoring into a '''new''' container ====
Beyond the straightforward case of checkpointing and restoring the same container, it's also possible to checkpoint one container, and then restore the checkpoint into a completely different container. Right now that This is done by providing a custom storage path with the <code>--force</code> option, in conjunction with the <code>--imagecheckpoint-dir</code> option. Here's a slightly revised example from before:
$ docker run -d --name looper2 --security-opt seccomp:unconfined busybox \
# wait a few seconds to give the container an opportunity to print a few lines, then
$ docker checkpoint create --imagecheckpoint-dir=/tmp/checkpoint1 looper2checkpoint2
$ docker create --name looper-force clone --security-opt seccomp:unconfined busybox \
/bin/sh -c 'i=0; while true; do echo $i; i=$(expr $i + 1); sleep 1; done'
$ docker restore start --force=true --imagecheckpoint-dir=/tmp/checkpoint1 --checkpoint=checkpoint2 looper-forceclone
You should be able to print the logs from <code>looper-forceclone</code> and see that they start from wherever the logs of <code>looper</code> end.
=== usage ===
# docker checkpoint --help Usage: docker checkpoint [OPTIONS] CONTAINER Checkpoint one or more running containers --help Print usage --image-dir directory for storing checkpoint image files --leave-running leave the container running after checkpoint --work-dir directory for storing log file
# docker restore checkpoint create --help Usage: docker restore checkpoint create [OPTIONS] CONTAINER Restore one or more checkpointed containers --force bypass checks for current container state --help Print usage --image-dir directory to restore image files from --work-dir directory for restore logCHECKPOINT
== Docker 1.12 == Create a checkpoint from a running container
More detailed instructions on running Options: --checkpoint/restore with Docker in version 1.12 will be coming in the future, but in the meantime, you must build the version of Docker available in the '''docker-dir string Use a custom checkpointstorage directory --help Print usage -restore''' branch of [[User:Boucher|Boucher]]'s fork of Docker, [ available here]. Make sure to build with running Leave the env <code>DOCKER_EXPERIMENTAL=1</code>.container running after checkpoint
The command line interface has changed from the 1.10 version. <code>docker checkpoint</code> is now an umbrella command for a few checkpoint operations. To create a checkpoint, use the <code>docker checkpoint create</code> command, which takes <code>container_id</code> and <code>checkpoint_id</code> as non-optional arguments. Example:Restore
# docker checkpoint create my_container my_first_checkpointstart --help Usage: docker start [OPTIONS] CONTAINER [CONTAINER...]
Restoring a container is now performed just as an option to <code>docker start</code>. Although typically you may create and start a container in a single step using <code>docker run</code>, under the hood this is actually two steps: <code>docker create</code> followed by <code>docker start</code>. You can also call <code>start</code> on a container that was previously running and has since been Start one or more stopped or killed. That looks something like this:containers
docker start Options: -a, --attach Attach STDOUT/STDERR and forward signals --checkpoint my_first_checkpoint my_containerstring Restore from this checkpoint --checkpoint-dir string Use a custom checkpoint storage directory --detach-keys string Override the key sequence for detaching a container --help Print usage -i, --interactive Attach container's STDIN
== Integration Status ==

Navigation menu