Difference between revisions of "CLI"

From CRIU
Jump to navigation Jump to search
(add deprecated stuff)
 
(15 intermediate revisions by 3 users not shown)
Line 1: Line 1:
Since the tools and overall concept are still under heavy development, there are some known limitations applied, in particular only pure x86-64 environment is supported, no IA32 emulation allowed.
+
This is a collection of articles describing specific CRIU command line options.
  
== Synopsis ==
+
== Actions ==
<pre>
+
{{Special:PrefixIndex/CLI/cmd/|stripprefix=1}}
criu <command> -t <pid> [<options>]
 
</pre>
 
 
 
== Description ==
 
criu is command line utility to steer checkpoint and restore procedure.
 
  
 
== Options ==
 
== Options ==
<pre>
+
{{Special:PrefixIndex/CLI/opt/|stripprefix=1}}
<command>::
 
    One of the following commands
 
        * 'dump'
 
                to initiate checkpoint procedure
 
        * 'restore'
 
                to restore previously checkpointed processes
 
        * 'show'
 
                to decode binary dump files and show their contents in human
 
                readable format
 
        * 'check'
 
                to test whether the kernel support is up-to-date
 
        * 'exec'
 
                to execute a system call from another task's context
 
        * 'page-server'
 
                to launch a page-server
 
        * 'service'
 
                to start RPC service
 
 
 
-c::
 
    In case of 'show' command the dumped pages content will be shown in hex format.
 
 
 
-D <path>::
 
    Use path 'path' as a base directory where to look for dump files set. This
 
    commands allpies to any <command>.
 
 
 
-s::
 
    Leave tasks in stopped state after checkpoint instead of killing them.
 
 
 
-f <file>::
 
    This option is valid for 'show' command only and allows to see content of
 
    the <file> specified.
 
 
 
-t <pid>::
 
    Checkpoint the whole process tree starting from 'pid'.
 
 
 
-d::
 
    Detach criu itself once restore is complete.
 
 
 
-n <ns>::
 
    Checkpoint namespaces. Namespaces must be separated by comma.
 
    We now support all namespaces -- uts, ipc, net and mnt
 
 
 
-o <file>::
 
    Write logging messages to 'file'.
 
 
 
-v <num>::
 
    Set logging level to 'num'. Valid options are: 0 - (silent, error messages
 
    only), 1 - informative (default), 2 - debug messages.
 
</pre>
 
 
 
== Examples ==
 
 
 
First thing to do is to check the kernel support being up-to-date with the
 
 
 
<pre>
 
# criu check
 
</pre>
 
 
 
command. If it says "Looks good", then you can proceed, otherwise dump/restore may not work. If you are using the mainstream kernel, but not our one with some custom patches applied, you should try the
 
 
 
<pre>
 
# criu check --ms
 
</pre>
 
 
 
command instead. If will skip checking for some kernel functionality, that is known to be not yet merged upstream (criu knows how to work without it, though it's sometimes not correct).
 
  
To checkpoint a program with pid 1234 and write all image files into directory checkpoint one should type
+
== Deprecated stuff ==
  
<pre>
+
=== Actions ===
# criu dump -D checkpoint -t 1234
+
{{Special:PrefixIndex/CLI/deprecated/cmd/|stripprefix=1}}
</pre>
 
  
To restore this program detaching criu itself, one should type
+
=== Options ===
 +
{{Special:PrefixIndex/CLI/deprecated/opt/|stripprefix=1}}
  
<pre>
+
== See also ==
criu restore -d -D checkpoint
 
</pre>
 
 
 
"Detaching" (the <code>-d</code> option) here means, that criu will exit after restoring the processes
 
and the latter will get re-parent-ed to the init task.
 
 
 
To close a file descriptor number 1 in task with pid 1234 run
 
 
 
<pre>
 
criu exec -t 1234 close 1
 
</pre>
 
 
 
To open a file named /foo/bar for read-write in the task with pid 1234 run
 
 
 
<pre>
 
criu exec -t 1234 open '&/foo/bar' 2
 
</pre>
 
 
 
== Security ==
 
 
 
Due to restrictions imposed by several kernel APIs CRIU uses, the tools can only work with run with root privileges. However, if the node administrator sets the +suid bit on the criu binary, or runs criu as an [[RPC]] service, criu will be able to work on behalf of regular user.
 
 
 
In the latter case, the following security restrictions would apply:
 
* criu will refuse to dump or restore processes whose <code>[se]?[ug]id</code> is not equal to the corresponding value of the calling user
 
* criu will refuse to dump or restore any bits set in any capability set
 
 
 
== Further reading ==
 
  
 
* [[Advanced usage]] article for more options
 
* [[Advanced usage]] article for more options
* [[Remote syscall execution]] article for 'exec' command info
+
* [[RPC]] -- an API to C/R functionality
 +
* [[API compliance]]
 
* [[:Category:HOWTO]]
 
* [[:Category:HOWTO]]
* A set of articles about live migration:
+
 
** [[Live migration]]
+
[[Category: API]]
** [[Iterative migration]]
 
** [[Disk-less migration]]
 
* [[Statistics]]
 
* [[RPC]] API to C/R functionality
 

Latest revision as of 19:32, 20 September 2016