Line 5: |
Line 5: |
| Podman supports checkpointing and restoring since version 0.10.1 (October 2018). This initial support only supports checkpointing and restoring containers on the same host: | | Podman supports checkpointing and restoring since version 0.10.1 (October 2018). This initial support only supports checkpointing and restoring containers on the same host: |
| | | |
− | $ podman run -d --name looper busybox /bin/sh -c \ | + | # podman run -d --name looper busybox /bin/sh -c \ |
| 'i=0; while true; do echo $i; i=$(expr $i + 1); sleep 1; done' | | 'i=0; while true; do echo $i; i=$(expr $i + 1); sleep 1; done' |
| | | |
| You can verify that the container is running by observing its logs: | | You can verify that the container is running by observing its logs: |
| | | |
− | $ podman logs -l | + | # podman logs -l |
| | | |
| Or by running <code>podman ps</code>. | | Or by running <code>podman ps</code>. |
Line 16: |
Line 16: |
| If you do this a few times you will notice that the integers are increasing. Now the container can be checkpointed: | | If you do this a few times you will notice that the integers are increasing. Now the container can be checkpointed: |
| | | |
− | $ podman container checkpoint -l | + | # podman container checkpoint -l |
| | | |
| Once the container is checkpointed it will be no longer visible in <code>podman ps</code>. | | Once the container is checkpointed it will be no longer visible in <code>podman ps</code>. |
Line 22: |
Line 22: |
| The following command can be used to restore the container: | | The following command can be used to restore the container: |
| | | |
− | $ podman container restore -l | + | # podman container restore -l |
| | | |
| Using <code>podman logs -l</code> or <code>podman ps</code> it can be verified that the container was restored and that it continued running from the point in time when it was checkpointed. | | Using <code>podman logs -l</code> or <code>podman ps</code> it can be verified that the container was restored and that it continued running from the point in time when it was checkpointed. |
Line 36: |
Line 36: |
| To be actually able to migrate a container from one system to another at least Podman version 1.4.0 (June 2019) is required. With version 1.4.0 Podman is now able to export a complete checkpoint which can then be transferred: | | To be actually able to migrate a container from one system to another at least Podman version 1.4.0 (June 2019) is required. With version 1.4.0 Podman is now able to export a complete checkpoint which can then be transferred: |
| | | |
− | $ podman run -d --name looper busybox /bin/sh -c \ | + | # podman run -d --name looper busybox /bin/sh -c \ |
| 'i=0; while true; do echo $i; i=$(expr $i + 1); sleep 1; done' | | 'i=0; while true; do echo $i; i=$(expr $i + 1); sleep 1; done' |
− | $ podman container checkpoint -l --export=/tmp/chkpt.tar.gz | + | # podman container checkpoint -l --export=/tmp/chkpt.tar.gz |
− | $ scp /tmp/chkpt.tar.gz <destination-host>:/tmp | + | # scp /tmp/chkpt.tar.gz <destination-host>:/tmp |
| | | |
| Once the checkpoint archive has been transferred to the destination system the container can there be restored from the checkpoint archive: | | Once the checkpoint archive has been transferred to the destination system the container can there be restored from the checkpoint archive: |
| | | |
− | $ podman container restore --import=/tmp/chkpt.tar.gz | + | # podman container restore --import=/tmp/chkpt.tar.gz |
| | | |
| Now the container continues to run from the same point where it was previously checkpointed on the source system. | | Now the container continues to run from the same point where it was previously checkpointed on the source system. |
Line 49: |
Line 49: |
| From a checkpoint archive it is also possible to restore multiple copies of a container with different names: | | From a checkpoint archive it is also possible to restore multiple copies of a container with different names: |
| | | |
− | $ podman container restore --import=/tmp/chkpt.tar.gz -n looper1 | + | # podman container restore --import=/tmp/chkpt.tar.gz -n looper1 |
− | $ podman container restore --import=/tmp/chkpt.tar.gz -n looper2 | + | # podman container restore --import=/tmp/chkpt.tar.gz -n looper2 |
− | $ podman container restore --import=/tmp/chkpt.tar.gz -n looper3 | + | # podman container restore --import=/tmp/chkpt.tar.gz -n looper3 |
| | | |
| Each of these restored containers will be running from the point in time the container was checkpointed. | | Each of these restored containers will be running from the point in time the container was checkpointed. |
| | | |
− | One important limitation is that the container cannot modify the file-system. If a container modifies the file-system, these modified directories either have to be mounted into the container (<code>-v</code>) or these directories have to be marked as <code>--tmpfs</code>.
| + | This requires at least CRIU 3.12 (3.13 for full SELinux support). |
− | | |
− | This requires at least CRIU 3.12 (3.12.1 with full SELinux support). | |
| | | |
| There are two recordings demonstrating Podman's container migration feature: | | There are two recordings demonstrating Podman's container migration feature: |
Line 63: |
Line 61: |
| * https://asciinema.org/a/249918 | | * https://asciinema.org/a/249918 |
| * https://asciinema.org/a/249922 | | * https://asciinema.org/a/249922 |
| + | |
| + | == Checkpoint Images == |
| + | |
| + | In addition to the standard checkpoint/restore functionality described above, Podman supports checkpoint images to enable container migration across multiple systems with standard image distribution infrastructure (container registry). |
| + | |
| + | A checkpoint image can be created with the <code>--create-image <image></code> option <code>podman container checkpoint</code>. This option instructs Podman to create a standard OCI container image with a single layer that contains all checkpoint files. |
| + | |
| + | Example: |
| + | |
| + | # podman run -d --name looper busybox /bin/sh -c 'i=0; while true; do echo $i; i=$(expr $i + 1); sleep 1; done' |
| + | # podman container checkpoint --create-image checkpoint-image-1 looper |
| + | |
| + | You can verify that the image has been created as follows: |
| + | |
| + | # podman image ls |
| + | |
| + | You can restore a container from checkpoint image as follows: |
| + | |
| + | # podman container restore <image> |
| + | |
| + | Example: |
| + | |
| + | # podman container restore checkpoint-image-1 |
| + | |
| + | Note that creating a checkpoint would not remove the container and it is not possible to have two containers with the same name. Thus, it might be necessary to restore the container with a different name: |
| + | |
| + | # podman container restore --name looper-2 checkpoint-image-1 |
| + | |
| + | Or to remove the existing container before restore: |
| + | |
| + | # podman rm looper |
| + | |
| + | A checkpoint image can be pushed to a container registry: |
| + | |
| + | # podman login quay.io |
| + | # podman container checkpoint --create-image quay.io/<username>/<reponame> looper |
| + | # podman push quay.io/<username>/<reponame> |
| + | |
| + | The content of the image layer is in the same format as a checkpoint archive created with the <code>--export</code> option. |
| + | This allows to be exported locally with <code>podman image save</code> and restored with the <code>--import</code> option. |
| + | |
| + | In addition, checkpoint images can be inspected with <code>podman inspect</code>. Inspecting a checkpoint image would display additional information, stored as annotations, about the host environment used to do the checkpoint. |
| + | |
| + | And pulled and restored on a different system: |
| + | |
| + | # podman pull quay.io/<username>/<reponame> |
| + | # podman container restore quay.io/<username>/<reponame> |
| + | |
| + | Restoring multiple containers at the same time can be achieved as follows: |
| + | |
| + | # podman run -d --name looper-1 busybox /bin/sh -c 'i=0; while true; do echo $i; i=$(expr $i + 1); sleep 1; done' |
| + | # podman run -d --name looper-2 busybox /bin/sh -c 'i=0; while true; do echo $i; i=$(expr $i + 1); sleep 1; done' |
| + | # podman container checkpoint --create-image checkpoint-1 looper-1 |
| + | # podman container checkpoint --create-image checkpoint-2 looper-2 |
| + | # podman rm looper-1 looper-2 |
| + | # podman container restore checkpoint-1 checkpoint-2 |