CRIU-RPC is a remote procedure call (RPC) protocol which uses Google Protocol Buffers to encode its calls. The requests are served by CRIU service launched with criu service
command. It uses a SEQPACKET Unix domain socket listening at /var/run/criu-service.socket
as a transport.
The criu_req/criu_resp are two main messages for requests/responses. They are to be used for transferring messages and needed to provide compatibility with an older versions of rpc. Field type in them must be set accordingly to type of request/response that is stored. Types of request/response are defined in enum criu_req_type. See the API compliance page for information what each option might mean.
Protocol
The protocol is simple -- client connect to service, send a criu_req message to server, server responds back with criu_resp and closes the socket. There are three exceptions from this rule, see below.
Request
This is the header of the request. It defines the operation requested and options.
message criu_req { required criu_req_type type = 1; optional criu_opts opts = 2; optional notify_success = 3; /* see Notifications below */ optional keep_open = 4; /* for multi-req, below */ }
There are 8 request/response types for now.
enum criu_req_type { EMPTY = 0; DUMP = 1; /* criu dump */ RESTORE = 2; /* criu restore */ CHECK = 3; /* criu check */ PRE_DUMP = 4; /* criu pre-dump */ PAGE_SERVER = 5; /* criu page-server */ NOTIFY = 6; /* see Notifications below */ CPUINFO_DUMP = 7; /* criu cpuinfo dump */ CPUINFO_CHECK = 8; /* criu cpuinfo check */ }
message criu_opts { required int32 images_dir_fd = 1; optional int32 pid = 2; /* if not set on dump, will dump requesting process */ optional bool leave_running = 3; optional bool ext_unix_sk = 4; optional bool tcp_established = 5; optional bool evasive_devices = 6; optional bool shell_job = 7; optional bool file_locks = 8; optional int32 log_level = 9 [default = 2]; optional string log_file = 10; /* No subdirs are allowed. Consider using work-dir */ optional criu_page_server_info ps = 11; optional bool notify_scripts = 12; optional string root = 13; optional string parent_img = 14; optional bool track_mem = 15; optional bool auto_dedup = 16; optional int32 work_dir_fd = 17; optional bool link_remap = 18; repeated criu_veth_pair veths = 19; optional uint32 cpu_cap = 20 [default = 0xffffffff]; optional bool force_irmap = 21; repeated string exec_cmd = 22; repeated ext_mount_map ext_mnt = 23; optional bool manage_cgroups = 24; repeated cgroup_root cg_root = 25; optional bool rst_sibling = 26; /* swrk only */ }
Comments and examples
- If no pid is set and type is DUMP, CRIU will dump client process by default.
- All processes in the subtree starting with <pid> must have the same uid, as a client, or client's uid must be root (uid == 0), otherwise CRIU will return error.
- Only the images_dir_fd is required, all other fields are optional. Client must open directory for/with images by himself and set images_dir_fd to it's fd. CRIU will open /proc/<client's_pid>/fd/<images_dir_fd>.
The logic of setting request is the same as when setting options in console. Here is an example:
#criu restore -D /path/to/imgs_dir -v4 -o restore.log
is equal to:
request.type = RESTORE; request.opts.imgs_dir_fd = open("/path/to/imgs_dir") request.opts.log_level = 4 request.opts.log_file = "restore.log"
Sub-messages for options
- Info about page-server.
message criu_page_server_info { optional string address = 1; /* bind address -- if not set 0.0.0.0 is used */ optional int32 port = 2; /* bind port -- if not set on request, autobind is used and port is returned in response */ optional int32 pid = 3; /* page-server pid -- returned in response */ optional int32 fd = 4; /* could be used to inherit fd by page-server */ }
- If port is 0 server will auto-bind and the port will be returned back in responce.
message criu_veth_pair { required string if_in = 1; /* inside veth device name */ required string if_out = 2; /* outside veth device name */ };
- Info about veth mappings (--ext-mount-map analogue)
message ext_mount_map { required string key = 1; required string val = 2; };
- Specifying where cgroup root should be (--cgroup-root analogue)
message cgroup_root { optional string ctrl = 1; required string path = 2; };
Response
This message is sent after (un)successful execution of the request.
message criu_resp { required criu_req_type type = 1; required bool success = 2; optional criu_dump_resp dump = 3; optional criu_restore_resp restore = 4; optional criu_notify notify = 5; optional criu_page_server_info ps = 6; optional int32 cr_errno = 7; }
Field "success" reports result of processing request, while criu_***_resp store some request-specific information. The response type is set to the corresponding request type or to EMPTY
to report a "generic" error. If success == false one should check cr_errno field to get a more detailed error code(see include/cr-errno.h).
- The criu_dump_resp is used to store response from DUMP request.
message criu_dump_resp { optional bool restored = 1; }
This message can be sent twice -- one for the process that calls DUMP and the other for the same process again if it requested a self-dump. In the latter case the restored field would be true.
- The response on RESTORE request.
message criu_restore_resp { required int32 pid = 1; }
Field "pid" is set to the PID of the newly restored process.
- Info about page server
The criu_page_server_info from requests will be sent back on PAGE_SERVER request. The port field will contain the port to which server is bound.
Notifications
If the opts.notify_scripts in the request is set to TRUE CRIU would report back resp messages with type set to NOTIFY and this field present. The notifications are the way action scripts work for RPC mode.
message criu_notify { optional string script = 1; optional int32 pid = 2; }
After handling the notification the client must response with the request again with the type set to NOTIFY and the notify_success set to the successfulness of the notification. In case of successful notification acknowledge the server doesn't close the socket and continues to work.
Pre-dumps
Before issuing a DUMP request client may send one or more PRE_DUMP requests. Once the PRE_DUMP is sent and response is received, client may send one more PRE_DUMP or DUMP request. The server would only close the socket after the DUMP one.
Multi-request mode
If the req.keep_open flag is set to true server will not close the socket after response, but will wait for more requests. This mode is supported only for the following request types:
- PRE_DUMP (automatically)
- PAGE_SERVER
- CPUINFO_DUMP and CPUINFO_CHECK
Run
Server
On a server side, CRIU creates SOCK_SEQPACKET Unix socket and listens for connections on it. After receiving criu_req, CRIU processes it, do what is requested and sends criu_resp with set request-specific criu_***_resp field back. If CRIU gets unknown type of request, it will return criu_resp with type == EMPTY and success == false.
To launch service server, run:
#criu service [options]
Options accepted by service are
- --address <path>
- is where to put listening socket
- --pid-file <path>
- is where to write pid of service process
- --daemon
- tells service to daemonize
- -o <file>
- says where to write logs
- -v[N]
- sets the log-level
systemd
If you are running systemd you can make service start and operate automatically. First do
make install
to make files criu.service
and criu.socket
appear in systemd configs (/lib/systemd/system/
). Then
systemctl start criu.socket
to get /var/run/criu-service.socket, and
systemctl enable criu.socket
to make /var/run/criu-service.socket available at boot.
Client
Client, in its turn, must connect to service socket, send criu_req with request in it, and wait for a criu_resp with response. You can find examples of client programs in C and Python in test/rpc/.
With RPC facilities one can perform a self dump.
There's a library that implements simple wrappers on top of RPC.
SWRK mode
This mode turns on when one fork() + exec()
CRIU with the swrk
action and one more argument specifying the number of descriptor with seqpacket unix socket. With this CRIU works as service worker task accepting standard RPC requests via the mentioned socket and using one to do action scripts notifications and result reporting.