External bind mounts
One of typical external resources when dumping a container (especially LXC/Docker) is a mount point whose root sits outside of the container's root. This situation was intended to be resolved using plugins but turned out to be common enough to introduce a built-in way of handling it.
What is external bind mount
The way to create such is simple as
mkdir /root mount --bind /foo /root/bar chroot /root
This is it. From now on, the /bar file is a mountpoint whose root (the source) is not accessible directly.
If you look at the /proc/$pid/mountinfo file of a task seeing such you would see smth like
11 23 8:3 /root / ... - ext4 /dev/sda1 ... 23 34 8:3 /foo /bar ... - ext4 /dev/sda1 ...
The columns 4 and 5 are root and mountpoint respectively. You can see, that the / is /root file from /dev/sda1 device and /bar file is a mountpoint with the root being /foo file from the same device.
How to teach CRIU to dump them
By default CRIU doesn't dump such mountpoints, because there's no way CRIU will be able to restore it -- the root of these mounts is out of scope of what CRIU dumped. In the logs you would see a message like
34:/bar doesn't have a proper root mount
which means the mountpoint /bar has inaccessible root.
To dump and restore them there's the
--external mnt[KEY]:VAL option that sets up external mounts root mapping.
On dump, KEY is a mountpoint inside container, and corresponding VAL is a string that will be written into the image as mountpoint's root value.
On restore, KEY is the value from the image (VAL from dump), and the VAL is the path on host that will be bind-mounted into container (to the mountpoint path from image).
For example, if we want to dump the task above we should call
criu dump ... --external mnt[/bar]:barmount
barmount is an arbitrary identifier, that will be put in the image file instead of the original root path
criu show -f mountpoints.img -F mnt_id,root,mountpoint mnt_id: 0x22 root: barmount mountpoint: /bar
On restore we should tell CRIU where to bind mount the
barmount from like this
criu restore ... --external mnt[barmount]:/foo
With this CRIU will bind mount the /foo into proper mountpoint.
In case one wants CRIU to autodetect and dump all the external bind mounts, and there is no need to change host mount points on restore, one can use a special syntax:
criu dump ... --external mnt:flags
Note here is nothing inside square brackets, and the optional
:flags argument can contain the following characters:
- Also enable dumping of external master mounts (as in
- Also enable dumping of external shared mounts (as in
By default, neither master nor shared external mounts are not dumped (if found, dump is aborted). Note if
flags are not given, semicolon is optional.
criu dump ... --external 'mnt'
Auto detect and dump all external bind mounts.
criu dump ... --external 'mnt:s'
Auto detect and dump all external bind mounts, including the shared ones.
criu dump ... --external 'mnt:sm'
Auto detect and dump all external bind mounts, including the shared and the master ones.
For now the same behavior is configured with the
--ext-mount-map KEY:VAL option. Soon this option will be deprecated.