[CRIU] Re: [PATCH 1/4] crtools: added command-line options for reading images over network socket

Pavel Emelyanov xemul at parallels.com
Fri Aug 17 05:22:00 EDT 2012


On 08/16/2012 10:41 PM, Adrian Reber wrote:
> On Thu, Aug 16, 2012 at 07:57:47PM +0400, Pavel Emelyanov wrote:
>> On 08/16/2012 07:52 PM, Adrian Reber wrote:
>>> On Wed, Aug 15, 2012 at 02:52:41PM +0400, Pavel Emelyanov wrote:
>>>> What if we need to pass images via secure networking channel? Will we
>>>> have to wire an openssl code into crtools? Just a thought -- did you
>>>
>>> Either openssl or using something like stunnel or ssh port forwarding.
>>
>> Then your approach with re-opening sockets will significantly increase the
>> freezetime, as ssl handshake is not very fast.
>>
>>>> consider an opportunity to pass to crtools an establised socket fd instead
>>>> of making it open one internally?
>>>
>>> No, not all.
>>
>> I think it's worth looking in that direction. Like
>>
>> [root at dump_onode]# crtools dump -t 1234 | ssh root at restore.node crtools restore -t 1234
> 
> Yes, that looks like a good idea. Do you want the approach I started
> also? Transferring the image over an unencrypted socket like in my
> patch? Or only something like your example?

I think that ability to read images via prepares fd should be the only thing
implemented. If you need unencrypted channel, you can use the same command as
above, but using tenlet instead of ssh.

> 		Adrian
> .
> 



More information about the CRIU mailing list