[CRIU] namespace and selinux in container(docker) migration with criu
Dengguangxing
dengguangxing at huawei.com
Fri Dec 25 19:31:07 PST 2015
Hi all,
I am trying to migrate docker container across hosts with boucher's work on C/R.
and got these problems below, not sure if they are supported yet:
1. about shared-namespace. docker containers may share namespace(pods in kubernetes especially).
I've tested this, and found that the status of shared-namespace can not be kept. Restored
process(container) gets totally new namespace.
2. selinux. docker containers support selinux. so can selinux label be dumped and restored?
How do criu deal with selinux?
3. container network. this may not be criu related, so cc rboucher for this : )
container restore would reserve container IP address, but the network won't work.
It will be great to figure out the reason.
and maybe there are other factors that affect container migration. it will be great to discuss here.
Thanks~
Deng Guangxing
More information about the CRIU
mailing list