[CRIU] [PATCH cr] app-test: dump and restore a Linux Container

[Andrey Vagin]

network-script.sh is used for locking and unlocking network in CT.

Here is an example of an LXC config:
lxc.console=none
lxc.utsname = test-lxc
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = br0
lxc.network.name = eth0
lxc.mount = /root/test-lxc/etc/fstab
lxc.rootfs = /root/test-lxc-root/

Signed-off-by: Andrey Vagin <avagin at openvz.org>
---
 test/app-emu/lxc/network-script.sh |   57 +++++++++++++++++++++++++++++++++
 test/app-emu/lxc/run.sh            |   61 ++++++++++++++++++++++++++++++++++++
 2 files changed, 118 insertions(+), 0 deletions(-)
 create mode 100755 test/app-emu/lxc/network-script.sh
 create mode 100755 test/app-emu/lxc/run.sh

diff --git a/test/app-emu/lxc/network-script.sh b/test/app-emu/lxc/network-script.sh
new file mode 100755
index 0000000..ce0542f
--- /dev/null
+++ b/test/app-emu/lxc/network-script.sh
@@ -0,0 +1,57 @@
+#!/bin/bash
+
+[ -z "$CR_IP_TOOL" ] && CR_IP_TOOL=ip
+
+action=$1
+shift
+
+[[ "network-unlock" == "$CRTOOLS_SCRIPT_ACTION" ||
+   "network-lock" == "$CRTOOLS_SCRIPT_ACTION" ]] || exit 0
+
+set -o pipefail
+
+[ "$action" == dump ] && {
+	pid=$1
+	name=$2
+
+	# Find a pair of CT's eth0
+	ifindex=`$CR_IP_TOOL netns exec $name ethtool -S eth0 | awk '/index/ { print $2}'`
+	[ $? -eq 0 ] || exit 1
+
+	for i in /sys/devices/virtual/net/*; do
+		[ "`cat $i/ifindex`" == $ifindex ] && {
+			dst=`basename $i`
+			break;
+		}
+	done
+
+	[ -z "$dst" ] && exit 1
+
+	echo "$dst<=>eth0"
+
+	[ "network-unlock" == "$CRTOOLS_SCRIPT_ACTION" ] && {
+		echo Attach $dst to the bridge br0
+		brctl addif br0 $dst
+		exit $?
+	}
+
+	[ "network-lock" == "$CRTOOLS_SCRIPT_ACTION" ] && {
+		echo Detach $dst to the bridge br0
+		brctl delif br0 $dst
+		exit $?
+	}
+
+	exit 0
+}
+
+[ "$action" == restore ] && {
+	[ "network-unlock" == "$CRTOOLS_SCRIPT_ACTION" ] && {
+		ethname=$1
+		echo Attach $ethname to the bridge br0
+		ip link set up dev $ethname
+		brctl addif br0 $ethname
+		exit $?
+	}
+}
+
+exit 0
diff --git a/test/app-emu/lxc/run.sh b/test/app-emu/lxc/run.sh
new file mode 100755
index 0000000..b486e0c
--- /dev/null
+++ b/test/app-emu/lxc/run.sh
@@ -0,0 +1,61 @@
+#!/bin/bash
+
+[ -z "$CR_IP_TOOL" ] && CR_IP_TOOL=ip
+
+cd `dirname $0`
+
+crtools="../../../crtools"
+
+name=$1
+[ -z "$name" ] && { cat <<EOF
+Usage: $0 NAME [PID]"
+	NAME - a container name
+	PID  - PID of the container's "init". It's required, if CT is dumped
+               in a second time, because LXC tools don't work in this case.
+EOF
+	exit 1;
+}
+
+pid=$2
+
+[ -z "$pid" ] && {
+	lxc-info --name $name || exit 1
+
+	pid=$(lxc-info --name $name | awk '/pid:/ { print $2 }')
+}
+
+echo "The CT's \"init\" process has PID of $pid"
+kill -0 $pid || exit 1
+
+ln -sf /proc/$pid/ns/net /var/run/netns/$name
+$CR_IP_TOOL netns exec $name ip a || exit 1
+
+mkdir data
+
+echo "Dump the CT $name ($pid)"
+${crtools} dump --evasive-devices						\
+		--tcp-established						\
+		-n net -n mnt -n ipc -n pid					\
+		--script "`pwd`/network-script.sh dump $pid $name"		\
+		-vvvv -D data -o dump.log -t $pid || exit 1
+echo "The CT $name was dumped successfully"
+
+echo Press Enter for restoring CT
+read
+
+echo "Restore the CT $name ($pid)"
+${crtools} restore 	--evasive-devices					\
+			--tcp-established					\
+			-n net -n mnt -n ipc -n pid				\
+			--script "`pwd`/network-script.sh restore $name.0"	\
+			--veth-pair eth0=$name.0				\
+			--root /root/test-lxc-root				\
+			--pidfile newpid.log					\
+			-vvvv -D data -d -o restore.log -t $pid || exit 1
+echo "The CT $name was restored successfully"
+
+pid=`cat data/newpid.log`;
+echo "The CT's \"init\" process has PID of $pid"
+kill -0 $pid || exit 1
+ln -sf /proc/$pid/ns/net /var/run/netns/$name
+$CR_IP_TOOL netns exec $name ip a || exit 1
-- 
1.7.1