Commit Graph

1331 Commits

Author SHA1 Message Date
boucher 3d59a7fe8b Refactor saving fds slightly, set the restored process fds correctly.
Docker-DCO-1.1-Signed-off-by: Ross Boucher <rboucher@gmail.com> (github: boucher)
2015-05-20 15:19:29 -07:00
boucher 38635c5a11 Move the std_fds into initProcess, and expose them in container's State
Docker-DCO-1.1-Signed-off-by: Ross Boucher <rboucher@gmail.com> (github: boucher)
2015-05-20 15:19:29 -07:00
boucher 129280ac62 Write the fd info to the image directory during a checkpoint,
and restore with the written info from a given image directory.
Also, write completely root independent ext_mount info.

These changes enable checkpointing in one container and then restoring
into a completely new container.

Docker-DCO-1.1-Signed-off-by: Ross Boucher <rboucher@gmail.com> (github: boucher)
2015-05-20 15:18:56 -07:00
Hui Kang 46dd56ba07 Change back to --page-server, PageServer should be in CriOpts struct
Docker-DCO-1.1-Signed-off-by: Hui Kang <hkang.sunysb@gmail.com>
2015-05-20 15:18:56 -07:00
Hui Kang 1d89a25aec Fix a nil pointer bug when doing local checkpoint
Docker-DCO-1.1-Signed-off-by: Hui Kang <hkang.sunysb@gmail.com>
2015-05-20 15:18:56 -07:00
Hui Kang 67636f13fb Change --page-server to --PageServer
Docker-DCO-1.1-Signed-off-by: Hui Kang <hkang.sunysb@gmail.com>
2015-05-20 15:18:56 -07:00
Hui Kang d278b830d9 Change criu command line format for page server
--page-server ADDRESS:PORT

Docker-DCO-1.1-Signed-off-by: Hui Kang <hkang.sunysb@gmail.com>
2015-05-20 15:18:56 -07:00
root 7a012fe3b5 Allow dumped image to be transferred to a criu page server
--page-server to specify the IP address of criu page server
--port to specify the port of the criu page server

Docker-DCO-1.1-Signed-off-by: Hui Kang <hkang.sunysb@gmail.com>
2015-05-20 15:18:56 -07:00
boucher 4fc7543317 Don't write a "checkpoint" file if the process is left running.
Docker-DCO-1.1-Signed-off-by: Ross Boucher <rboucher@gmail.com> (github: boucher)
2015-05-20 15:18:56 -07:00
boucher a8d5fdf1fd Add support for providing options to CRIU.
In order to do more complex things with checkpointing
and restoring of containers it's necessary to have
control over where the image files are being saved
and whether or not to kill the running process. It's
possible more flags will be wanted in the future.

Some things probably should always be auto-configured
by libcontainer though.

Docker-DCO-1.1-Signed-off-by: Ross Boucher <rboucher@gmail.com> (github: boucher)
2015-05-20 15:18:56 -07:00
Andrey Vagin cbe747d989 cr: add a comment about bind-mounting root in a tmp dir
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-05-20 15:18:56 -07:00
Andrey Vagin eaa35f552e cr: add network support
We need to enumirate all veth devices on restore and handle
{un,}lock-network notifications.

Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-05-20 15:18:56 -07:00
boucher 032aca342e Exclude the root path from mount point paths.
This change was necessary for me to get criu/libcontainer running inside of Docker.

Docker-DCO-1.1-Signed-off-by: Ross Boucher <rboucher@gmail.com> (github: boucher)
2015-05-20 15:18:56 -07:00
Andrey Vagin 328786f70e cr: don't remove images after restore
This code was added when images were saved in a factory root directory and in
addition this directory was used as a flag.

Now an user can decide when images can be removed.

Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-05-20 15:18:56 -07:00
Andrey Vagin 553b8be2d0 cr: prepare a container root
CRIU has following requirements for a container root:
* it is a mount point
* a parent mount point isn't over-mounted

Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-05-20 15:18:56 -07:00
Andrey Vagin 39795424db cr: user criu swrk to dump CT
criu swrk allows to rollback if the /ROOT/CRID/checkpoint
file can't be created. In a future it will be used for locking network.

Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-05-20 15:18:56 -07:00
Andrey Vagin 6f1d940b8e cr: split the Restore function
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-05-20 15:18:56 -07:00
Andrey Vagin 65f9b1bd84 cr: handle criu notifications in a separate function
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-05-20 15:18:56 -07:00
Andrey Vagin 522f7b36ff cr: Add an ability to specify path for images
the emptye /ROOT/CTID/checkpoint file is created to
support the Checkpointed state.

Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-05-20 15:18:56 -07:00
Andrey Vagin 5fb0019c45 Add the Checkpointed state
I don't like the current logic in ct.Destroy(). I think ct.Destroy
must destoy ct or return an error.

Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-05-20 15:18:56 -07:00
Andrey Vagin f5fad10193 protobuf: workaround a go vet error
vendor/src/github.com/golang/protobuf/proto/all_test.go:1284: result of fmt.Sprintf call not used

Do we really need to execute go vet for vendor? I don't find how to exclude them.

Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-05-20 15:18:56 -07:00
Andrey Vagin 5231fbf143 Dockerfile: don't call go get
Everything must be in vendor/

Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-05-20 15:18:56 -07:00
Andrey Vagin 5df3a07b5f cr: split work and image directories
This directory can be removed when criu completes.

Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-05-20 15:18:55 -07:00
Andrey Vagin e0f87e2f23 cr: check criu version
CRIU version must be 1.5.1 or higher

Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-05-20 15:18:55 -07:00
Andrey Vagin b836046422 cr: use the RPC protocol for communication with criu
criu swrk is a special mode when we don't want to execute a service,
but want to use RPC.

Here is more details:
http://lists.openvz.org/pipermail/criu/2015-March/019400.html

Another good feature of this mode is that we don't need to create
action scripts and we will be able to remove the hack with saving StdFds.

criu swrk is supported starting with CRIU 1.5.1.

Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-05-20 15:18:55 -07:00
Andrey Vagin c920f5fe75 cr: add criu_rpc.proto
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-05-20 15:18:55 -07:00
Andrey Vagin c0640ae461 vendor: add protobuf
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-05-20 15:18:55 -07:00
Andrey Vagin 0eea415019 ct: execute CRIU restore with the --restore-detached option
In this case CRIU will exit after restoring processes. Here is
no reason to wait the init process.

Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-05-20 15:17:59 -07:00
Andrey Vagin e75d0228cc cr: wait the criu process properly
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-05-20 15:17:59 -07:00
Andrey Vagin b28fbb20a3 cr: don't umount rootfs which was not mounted by us
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-05-20 15:17:59 -07:00
Andrey Vagin f705221b4a go: fmt
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-05-20 15:17:59 -07:00
Saied Kazemi 9212f68293 Some C/R bug fixes and changes in the new libcontainer and nsinit.
This is work in progress, integrating C/R support from
https://github.com/SaiedKazemi/docker/tree/cr into the
new libcontainer and nsinit.

Signed-off-by: Saied Kazemi <saied@google.com>
2015-05-20 15:17:59 -07:00
Michael Crosby 406f32a774 Set default criu binary
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2015-05-20 15:17:34 -07:00
Michael Crosby f15aba685b Update criu support with restored processes
Also use pipes for non tty so that the parent's tty of the nsinit
process does not leak into the conatiner.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2015-05-20 15:17:34 -07:00
Michael Crosby da009f5710 Add nsinit support for checkpoint and restore
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2015-05-20 15:16:13 -07:00
Michael Crosby 6fec5923e3 Add Checkpoint and Restore methods to Container
Containers support checkpointing and restore via criu(8) for linux
containers.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2015-05-20 15:15:36 -07:00
Michael Crosby a4a648ce30 Merge pull request #583 from jhowardmsft/master
Windows: Initial compilation enablement
2015-05-18 11:11:08 -07:00
Michael Crosby ef5240072a Merge pull request #562 from mrunalp/sys_prop_flag
Add a flag for specifying system properties.
2015-05-18 11:08:32 -07:00
Alexander Morozov ec538cae1a Merge pull request #542 from sayuan/fix-rand-mac
Set the seed when randMacAddr
2015-05-18 09:51:59 -07:00
Mrunal Patel b38cce017b Add a flag for specifying system properties.
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2015-05-16 22:10:30 -04:00
Mrunal Patel 94e6c73a32 Merge pull request #596 from shurcooL/patch-1
Fix nsenter package on unsupported platforms.
2015-05-16 18:24:18 -07:00
Dmitri Shuralyov 22eb88ec49 Fix nsenter package on unsupported platforms.
Commit 4d1d6185ab added this nsenter_unsupported.go file in order for nsenter to be a valid (but empty, non-functional) Go package on unsupported platforms. However, on such platforms, Go still complains because there exists a .c file in this folder, but the package doesn't use cgo.
Fix that by importing "C" pseudo-package.

Signed-off-by: Dmitri Shuralyov <shurcooL@gmail.com>
2015-05-15 17:32:44 -07:00
John Howard c712fa0814 Windows: Initial compilation enablement
Signed-off-by: John Howard <jhoward@microsoft.com>
2015-05-15 15:26:17 -07:00
Michael Crosby 7adbe0f728 Merge pull request #589 from Mashimiao/cgroup-systemd-add-freezer-set
cgroup: Add freeze Set When calls systemd to Apply
2015-05-15 10:23:38 -07:00
Michael Crosby fabd8e98be Merge pull request #582 from Mashimiao/add-cgroup-subsystem-net_cls
cgroups: add support for net_cls
2015-05-15 10:22:54 -07:00
Alexander Morozov 5562cadd49 Merge pull request #591 from hqhq/hq_add_kmemlimit
Add support for kmem limit
2015-05-15 08:45:19 -07:00
Victor Marmol 6dd5d073b3 Merge pull request #590 from hqhq/hq_fix_stacktrace_panic
Fix stacktrace panic
2015-05-15 08:37:21 -07:00
Qiang Huang 676be0c5f8 Add support for kmem limit
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2015-05-15 14:24:56 +08:00
Qiang Huang 12fd655de4 Fix stacktrace panic
According to https://golang.org/src/runtime/symtab.go?s=3423:3455#L94
It is possibile that runtime.FuncForPC() returns nil, don't know how
but I do met this problem when some kernel config problems cause
`p.createNetworkInterfaces` return error.

panic: runtime error: invalid memory address or nil pointer dereference
[signal 0xb code=0x1 addr=0x0]

goroutine 74 [running]:
github_com_docker_libcontainer_stacktrace.NewFrame
        /go/src/github.com/docker/docker/vendor/src/github.com/docker/libcontainer/stacktrace/frame.go:12
github_com_docker_libcontainer_stacktrace.Capture
        /go/src/github.com/docker/docker/vendor/src/github.com/docker/libcontainer/stacktrace/capture.go:18
libcontainer.newSystemError
        /go/src/github.com/docker/docker/vendor/src/github.com/docker/libcontainer/generic_error.go:48
github_com_docker_libcontainer.start.pN42_github_com_docker_libcontainer.initProcess
        /go/src/github.com/docker/docker/vendor/src/github.com/docker/libcontainer/process_linux.go:177
github_com_docker_libcontainer.Start.pN45_github_com_docker_libcontainer.linuxContainer
        /go/src/github.com/docker/docker/vendor/src/github.com/docker/libcontainer/container_linux.go:102
github_com_docker_docker_daemon_execdriver_native.Run.pN56_github_com_docker_docker_daemon_execdriver_native.driver
        /go/src/github.com/docker/docker/.gopath/src/github.com/docker/docker/daemon/execdriver/native/driver.go:149
github_com_docker_docker_daemon.Run.pN38_github_com_docker_docker_daemon.Daemon
        /go/src/github.com/docker/docker/.gopath/src/github.com/docker/docker/daemon/daemon.go:1007
github_com_docker_docker_daemon.Start.pN48_github_com_docker_docker_daemon.containerMonitor
        /go/src/github.com/docker/docker/.gopath/src/github.com/docker/docker/daemon/monitor.go:138
promise.$nested0
        /go/src/github.com/docker/docker/.gopath/src/github.com/docker/docker/pkg/promise/promise.go:8
created by github_com_docker_docker_pkg_promise.Go
        /go/src/github.com/docker/docker/.gopath/src/github.com/docker/docker/pkg/promise/promise.go:7

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2015-05-15 13:09:46 +08:00
Ma Shimiao d095c66ba6 cgroup: add freeze Set When calls systemd to Apply
Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
2015-05-15 10:39:04 +08:00