CRIU

Changes

Docker (edit)

Revision as of 16:51, 8 April 2015

89 bytes removed ,  16:51, 8 April 2015
minor formatting fixes + rm obsolete paragraph
Line 28: Line 28:  
watch this short demo
 
watch this short demo
 
'''[https://www.youtube.com/watch?v=HFt9v6yqsXo video]'''
 
'''[https://www.youtube.com/watch?v=HFt9v6yqsXo video]'''
to see how it works.  Source files for Docker 1.5 C/R is at this
+
to see how it works.  Source files for Docker 1.5 C/R are at this
 
'''[https://github.com/SaiedKazemi/docker/tree/cr repo]'''.
 
'''[https://github.com/SaiedKazemi/docker/tree/cr repo]'''.
 
The '''[https://github.com/SaiedKazemi/docker/wiki wiki]'''
 
The '''[https://github.com/SaiedKazemi/docker/wiki wiki]'''
 
page provides an overview of the project history.
 
page provides an overview of the project history.
Work in underway to integrate C/R into the new libcontainer.
+
Work in underway to integrate C/R into the new <code>libcontainer</code>.
    
For native C/R support, additional functionality was added to CRIU.
 
For native C/R support, additional functionality was added to CRIU.
Line 39: Line 39:  
== External C/R ==
 
== External C/R ==
   −
Starting with CRIU 1.3, it's possible to checkpoint and restore a
+
Starting with CRIU 1.3, it is possible to checkpoint and restore a
 
process tree running inside a Docker container.  However, it's
 
process tree running inside a Docker container.  However, it's
 
important to note that Docker needs native support for checkpoint
 
important to note that Docker needs native support for checkpoint
Line 47: Line 47:  
child of Docker and, from Docker's point of view, the container's
 
child of Docker and, from Docker's point of view, the container's
 
state will remain "Exited" (even after successful restore).
 
state will remain "Exited" (even after successful restore).
  −
Work is in progress to add native checkpoint and restore support
  −
to Docker.  Once ready, specific commands (for example, "docker
  −
checkpoint" and "docker restore") will use CRIU to do the actual
  −
C/R operations while Docker continues to maintain its parent-child
  −
relationship and container states.
      
It's important to re-emphasize that by checkpointing and restoring
 
It's important to re-emphasize that by checkpointing and restoring
Line 74: Line 68:  
However, because Docker by default uses the AUFS graph driver and
 
However, because Docker by default uses the AUFS graph driver and
 
the AUFS module in the kernel reveals branch pathnames in
 
the AUFS module in the kernel reveals branch pathnames in
/proc/<pid>/map_files, --root is used to specify the root of the
+
<code>/proc/''pid''/map_files</code>, option <code>--root</code>
 +
is used to specify the root of the
 
mount namespace.  Once the kernel AUFS module is fixed, it won't
 
mount namespace.  Once the kernel AUFS module is fixed, it won't
 
be necessary to specify this option anymore.
 
be necessary to specify this option anymore.
Line 81: Line 76:     
This option is used to specify the path of the external bind mounts.
 
This option is used to specify the path of the external bind mounts.
Docker sets up /etc/{hostname,hosts,resolv.conf} as targets with
+
Docker sets up <code>/etc/{hostname,hosts,resolv.conf}</code> as targets with
 
source files outside the container's mount namespace.  Older versions
 
source files outside the container's mount namespace.  Older versions
of Docker also bind mount /.dockerinit.
+
of Docker also bind mount <code>/.dockerinit</code>.
   −
For example, assuming the default Docker configuration, /etc/hostname
+
For example, assuming the default Docker configuration, <code>/etc/hostname</code>
 
in the container's mount namespace is bind mounted from the source
 
in the container's mount namespace is bind mounted from the source
at /var/lib/docker/containers/<container_id>/hostname.
+
at <code>/var/lib/docker/containers/''container_id''/hostname</code>.
    
=== <code>--manage-cgroups</code> ===
 
=== <code>--manage-cgroups</code> ===
Line 98: Line 93:  
=== <code>--evasive-devices</code> ===
 
=== <code>--evasive-devices</code> ===
   −
Docker bind mounts /dev/null on /dev/stdin for detached containers
+
Docker bind mounts <code>/dev/null</code> on <code>/dev/stdin</code> for detached containers
(i.e., docker run -d ...).  Since earlier versions of Docker used
+
(i.e., <code>docker run -d ...</code>).  Since earlier versions of Docker used
/dev/null in the global namespace, this option tells CRIU to treat
+
<code>/dev/null</code> in the global namespace, this option tells CRIU to treat
the global /dev/null and the container /dev/null as the same device.
+
the global <code>/dev/null</code> and the container <code>/dev/null</code> as the same device.
    
== Restore Prework ==
 
== Restore Prework ==
Line 107: Line 102:  
As mentioned earlier, by default Docker uses AUFS to set up the
 
As mentioned earlier, by default Docker uses AUFS to set up the
 
container's filesystem.  When Docker notices that the process has
 
container's filesystem.  When Docker notices that the process has
exited (due to criu dump), it dismantles the filesystem.  We need
+
exited (due to CRIU dump), it dismantles the filesystem.  We need
 
to set up the filesystem again before attempting to restore.
 
to set up the filesystem again before attempting to restore.
   Line 229: Line 224:  
</pre>
 
</pre>
   −
Optionally, you can specify -v to see the commands that docker_cr.sh
+
Optionally, you can specify <code>-v</code> to see the commands that <code>docker_cr.sh</code>
 
executes.  For example:
 
executes.  For example:
  
Retrieved from "https://criu.org/Special:MobileDiff/2359"