[CRIU] implementing some kind of --leave-frozen option for c/r in CRIU
Pavel Emelyanov
xemul at virtuozzo.com
Wed May 11 05:50:35 PDT 2016
On 05/10/2016 08:04 PM, Tycho Andersen wrote:
> Hi guys,
>
> I'm looking at implementing some kind of --leave-frozen option in
> CRIU, so that we can have a basic UX in LXD where we can wait for the
> restore to be successful before we kill the checkpointed container.
There's a patchset titled "[PATCHv1 0/2] implement --leave-stopped option
for CRIU restorer". Does your one do the same thing or they are different?
-- Pavel
> I know p.haul does this by just using a callback, but it would be sort
> of painful to absorb just the callback part without doing a lot of
> extra engineering. We'll get LXD using p.haul someday, though :)
>
> The actual --leave-frozen patch is not so bad (see attached), but I'm
> not sure what to do about the network locking/unlocking bits.
>
> It seems like it is always safe to do the bits in
> cpt_unlock_tcp_connections() since that's just disabling tcp repair
> mode, but all of the iptables rules seem necessary in order to keep
> the network locked.
>
> So my question is: is there a nice way we can "tag" these rules so
> that something can come by and delete them later? I was thinking about
> having criu add a comment (via -m comment --comment "CRIU-LOCK-RULE")
> to each rule it adds, but I'm not sure if there's a better way, or if
> I've missed something entirely.
>
> Thanks!
>
> Tycho
>
>
>
> _______________________________________________
> CRIU mailing list
> CRIU at openvz.org
> https://lists.openvz.org/mailman/listinfo/criu
>
More information about the CRIU
mailing list