Line 1: |
Line 1: |
− | =Requirements= | + | == Requirements == |
− | * A console should be disabled (lxc.console = none)
| |
− | * udev should not run in CT ($ mv /sbin/udevd{,.bcp})
| |
− | =Example=
| |
− | $ cat ~/test-lxc.conf
| |
− | lxc.console=none
| |
− | lxc.utsname = test-lxc
| |
− | lxc.network.type = veth
| |
− | lxc.network.flags = up
| |
− | lxc.network.link = br0
| |
− | lxc.network.name = eth0
| |
− | lxc.mount = /root/test-lxc/etc/fstab
| |
− | lxc.rootfs = /root/test-lxc-root/
| |
| | | |
− | $ cat /root/test-lxc/etc/fstab
| + | You should have built and installed a recent (>= 1.3.1) version of CRIU. |
− | none /root/test-lxc-root/dev/pts devpts defaults 0 0
| |
− | none /root/test-lxc-root/proc proc defaults 0 0
| |
− | none /root/test-lxc-root/sys sysfs defaults 0 0
| |
− | none /root/test-lxc-root/dev/shm tmpfs defaults 0 0
| |
| | | |
− | $ lxc-create -n test-lxc -f test-lxc.conf | + | == Checkpointing and restoring a container == |
− | $ mount -t cgroup c /cgroup
| + | |
− | $ mount --bind test-lxc test-lxc-root/ | + | LXC upstream has begun to integrate checkpoint/restore support through the lxc-checkpoint tool. This functionality has been in the recent released version of LXC---LXC 1.1.0 , you can install the LXC 1.1.0 or you can check out the development version on Ubuntu by doing: |
− | $ lxc-start -n test-lxc
| + | <source lang="bash"> |
| + | sudo add-apt-repository ppa:ubuntu-lxc/daily |
| + | sudo apt-get update |
| + | sudo apt-get install lxc |
| + | </source> |
| + | |
| + | Next, create a container: |
| + | |
| + | <source lang="bash"> |
| + | sudo lxc-create -t ubuntu -n u1 -- -r trusty -a amd64 |
| + | </source> |
| + | |
| + | And add the following lines (as above) to its config: |
| + | |
| + | <source lang="bash"> |
| + | cat | sudo tee -a /var/lib/lxc/u1/config << EOF |
| + | # hax for criu |
| + | lxc.console.path = none |
| + | lxc.tty.max = 0 |
| + | lxc.cgroup.devices.deny = c 5:1 rwm |
| + | # on older lxc comment the above and uncomment the below |
| + | # lxc.console = none |
| + | # lxc.tty = 0 |
| + | # lxc.cgroup.devices.deny = c 5:1 rwm |
| + | EOF |
| + | </source> |
| + | |
| + | Finally, start, and checkpoint the container: |
| + | |
| + | <source lang="bash"> |
| + | sudo lxc-start -n u1 |
| + | sleep 5s # let the container get to a more interesting state |
| + | sudo lxc-checkpoint -s -D /tmp/checkpoint -n u1 |
| + | </source> |
| + | |
| + | At this point, the container's state is stored in /tmp/checkpoint, and the filesystem is in /var/lib/lxc/u1/rootfs. You can restore the container by doing: |
| + | |
| + | <source lang="bash"> |
| + | sudo lxc-checkpoint -r -D /tmp/checkpoint -n u1 |
| + | </source> |
| + | |
| + | And then, get your container's IP and ssh in: |
| + | |
| + | <source lang="bash"> |
| + | ssh ubuntu@$(sudo lxc-info -i -H -n u1) |
| + | </source> |
| + | |
| + | == Troubleshooting == |
| + | |
| + | === Error (mount.c:805): fusectl isn't empty: 8388625 === |
| + | |
| + | Dumping of fuse filesystems is currently not supported. Empty the container's <code>/sys/fs/fuse/connections</code> and try again. |
| + | |
| + | === Error (mount.c:517): Mount 58 (master_id: 12 shared_id: 0) has unreachable sharing === |
| + | |
| + | CRIU doesn't yet support shared mountpoints as LXC does; make sure your rootfs is on a non-shared mount. |
| + | |
| + | == External links == |
| + | |
| + | * [https://www.youtube.com/watch?v=a9T2gcnQg2k&feature=youtu.be&t=18m8s The New New Thing: Turning Docker Tech into a Full Speed Hypervisor] - Talk of Tycho Andersen with demo of migration LXC container with Doom inside |
| + | * [https://github.com/tych0/presentations/blob/master/ods2014.md Demo script] |
| + | |
| + | [[Category: HOWTO]] |
| + | [[Category: Live migration]] |