[CRIU] [RFC][PATCH 0/3] Proposal for native (w/o plugins) support for external bind mounts v2

Andrew Vagin avagin at parallels.com
Fri Jun 6 04:10:54 PDT 2014


On Thu, Jun 05, 2014 at 09:49:38AM -0700, Saied Kazemi wrote:
> Pavel,
> 
> Actually the first attempt is working, albeit with a little help.  So I don't
> think we need to _replace_ the entire path that is relative to the FS's root
> with what is passed to CRIU on the command line.  We just need to find the
> missing part of the pathname and prepend it to the relative path.
> 
> Let's look at the following realistic example from Docker.  Docker bind mounts
> the container's /etc/host as follows:
> 
> mount /var/lib/docker/containers/<ID>/hosts /var/lib/docker/vfs/dir/<ID>/etc/
> hosts
> 
> The container's root is at /var/lib/docker/vfs/dir/<ID>.  For container's /etc/
> hosts, CRIU records /containers/<ID>/hosts as source during dump.  On restore,
> CRIU already has the container's root and ./etc/hosts within it, so all it
> needs is the leading /var/lib/docker for external bind mount.  In other words,
> there is no need replacing the entire path which is --by the way-- dynamically
> generated for each container and not always easy to figure out.
> 
> Does it make sense?

I'm not sure that I understand you. Look at this:

I just want to show mountinfo for a real docket CT.

$ cat /proc/1554/mountinfo
102 68 0:33 / / rw,relatime - aufs none rw,si=d75b2efa562f7b3
103 102 8:1 /var/lib/docker/init/dockerinit-0.9.1 /.dockerinit ro,relatime - ext4 /dev/disk/by-uuid/291e7b1a-8396-44cf-9927-578b3401d0bd rw,errors=remount-ro,data=ordered
104 102 8:1 /var/lib/docker/containers/37192b3177f945beb4a92e182638652b35fa71b14ae5b11072e4bfe22e21d280/config.env /.dockerenv ro,relatime - ext4 /dev/disk/by-uuid/291e7b1a-8396-44cf-9927-578b3401d0bd rw,errors=remount-ro,data=ordered
105 102 0:16 /resolvconf/resolv.conf /etc/resolv.conf ro,relatime - tmpfs tmpfs rw,size=205004k,mode=755
106 102 8:1 /var/lib/docker/containers/37192b3177f945beb4a92e182638652b35fa71b14ae5b11072e4bfe22e21d280/hostname /etc/hostname ro,relatime - ext4 /dev/disk/by-uuid/291e7b1a-8396-44cf-9927-578b3401d0bd rw,errors=remount-ro,data=ordered
107 102 8:1 /var/lib/docker/containers/37192b3177f945beb4a92e182638652b35fa71b14ae5b11072e4bfe22e21d280/hosts /etc/hosts ro,relatime - ext4 /dev/disk/by-uuid/291e7b1a-8396-44cf-9927-578b3401d0bd rw,errors=remount-ro,data=ordered
108 102 0:35 / /proc rw,nosuid,nodev,noexec,relatime - proc proc rw
109 102 0:36 / /sys rw,nosuid,nodev,noexec,relatime - sysfs sysfs rw
110 102 0:37 / /dev/shm rw,nosuid,nodev,noexec,relatime - tmpfs shm rw,size=65536k
111 102 0:38 / /dev/pts rw,nosuid,noexec,relatime - devpts devpts rw,gid=5,mode=620,ptmxmode=666
112 102 0:12 /7 /dev/console rw,nosuid,noexec,relatime - devpts devpts rw,gid=5,mode=620,ptmxmode=000

So we have two types of bind-mounts:
* /var/lib/docker/containers/CTID
* /dev/console, /etc/resolv.conf

and the option should be able to handle all these cases...

For example:

on dump:
--ext-mount s:/var/lib/docker/containers/37192b3177f945beb4a92e182638652b35fa71b14ae5b11072e4bfe22e21d280/=CTPATH
	all source subpath is replaced on CTPATH

--ext-mount d:/dev/console=console
	a source path is set to "console", if a destination path is equal to /dev/console

on restore
--ext-mount CTPATH=/mnt/var/lib/docker/containers/37192b3177f945beb4a92e182638652b35fa71b14ae5b11072e4bfe22e21d280/
--ext-mount console=/dev/tty98

Is this what you suggest?
> 
> --Saied
> 
> 
> 
> On Thu, Jun 5, 2014 at 8:10 AM, Pavel Emelyanov <xemul at parallels.com> wrote:
> 
>     So, the 1st attempt with modifying original mount points roots is
>     not working since the paths we see in /proc and dump are relative
>     to the FS's root, not relative to global (well, CRIU's) root.
> 
>     That said, we can try to go another route and here it is.
> 
>     On dump we use one or more --ext-mount option with A=B arguments.
>     A denotes a mountpoint (as seen from the target mount namespace)
>     criu dumps and B is the string that will be written into the
>     image file instead of the mountpoint's root. E.g. if we have a
>     /foo/bar bind mounted into container under /x name, then the
>     --ext-mount /x=foobar option will tell criu, that /x is a mount
>     point with external source and it should write "foobar" into image
>     instead of the path read from /proc.
> 
>     On restore we use the same --ext-mount option(s) with similar
>     A=B arguments, but this time criu treats A as string from the
>     image's root field (foobar in the example above) and B as the
>     path in criu's mount namespace the should be bind mounted into
>     the mountpoint.
> 
>     For example, let's again imagine we have /foo/bar bind mounted
>     into container under /x name and /foo/bar is inaccessible from
>     this container.
> 
>     On dump we say --ext-mount /x=foobar and mountpoints.img will
>     contain a mountpoint with root=foobar and mountpoint=/x. On restore
>     we use --ext-mount foobar=/foo2/bar option. This will result the
>     /foo2/bar from criu's namespace get bind-mounted to /x inside the
>     container we restore.
> 
> 
>     Thanks,
>     Pavel
>     _______________________________________________
>     CRIU mailing list
>     CRIU at openvz.org
>     https://lists.openvz.org/mailman/listinfo/criu
> 
> 

> _______________________________________________
> CRIU mailing list
> CRIU at openvz.org
> https://lists.openvz.org/mailman/listinfo/criu



More information about the CRIU mailing list