[CRIU] CRIU LXC Container Live Migration Concerns

Deepak Vij (A) deepak.vij at huawei.com
Thu May 1 09:38:40 PDT 2014 

Thanks.

-----Original Message-----
From: James Bottomley [mailto:jbottomley at parallels.com] 
Sent: Wednesday, April 30, 2014 10:45 PM
To: Deepak Vij (A)
Cc: Pavel Emelianov; criu at openvz.org
Subject: Re: [CRIU] CRIU LXC Container Live Migration Concerns

On Wed, 2014-04-30 at 23:07 +0000, Deepak Vij (A) wrote:
> Thanks James for your response. It all makes sense except for the
> following comment you made.
> 
> =======================
> I don't quite see why you think the docker or OpenVZ templates
> wouldn't work inter-cloud.  We think they do.
> =======================
> 
> I think you misinterpreted my note on this. What I meant was the
> traditional hypervisor based virtualization is not a viable option. I
> definitely think that LXC/OpenVZ based Container is the right
> unit-of-work for portability across clouds. We are planning to make
> major headway on this going forward as part of the IEEE P2302
> Intercloud standardization & testbed effort. That is the reason I have
> been asking all these questions so far.
> 
> Another thing was brought to my attention by one of my IEEE Intercloud
> working group member. It seems you folks at Parallels/OpenVZ support
> reboot-less updates (for example Ksplice like object level
> security/performance kernel patches etc.). Based on my understanding,
> at the time of such an update, all running containers are suspended in
> server's memory and subsequently seamlessly resumed rather than shut
> down & started again in order to reduce the downtime and service
> outage for end users.
> 
> My question is, as part of CRIU, are you folks doing the same for LXC
> containers as well? Thanks.

Using CRIU for rebootless updates isn't actually a "container" feature
per-se.  CRIU can checkpoint almost any process or group of processes in
Linux regardless of whether they're running in a container or not.  The
rebootless update is done simply by checkpointing everything to a
capsule, kexec'ing to the new kernel preserving the capsule and then
restoring everything from the capsule.  Doing this with practically no
down time depends on using a zero copy technique to splice the
checkpoint and restore images into and out of the capsule.  As long as
we know how to checkpoint all the features used by lxc, or zerovm or any
other container system, rebootless updates should just work.

James

More information about the CRIU mailing list