[CRIU] Docker User Namespaces + CRIU

Andrei Vagin avagin at virtuozzo.com
Tue Nov 8 15:46:48 PST 2016 

On Mon, Oct 31, 2016 at 02:39:00PM +0000, Ross Boucher wrote:
> Andrei, 
> 
> Sorry it took so long for me to try this out. Didn't quite work, here's the
> dump log (it's a new error):
> https://gist.github.com/boucher/4cb16a71a64f11c7877dcd6696d2a062

Coul you try out without aufs and with the link-remap option?

Thanks,
Andrei

> 
> -Ross
> 
> 
> 
> On Mon, Oct 17, 2016 at 7:29 PM Andrei Vagin <avagin at virtuozzo.com> wrote:
> 
>     On Tue, Oct 04, 2016 at 08:40:42AM -0700, Andrei Vagin wrote:
>     > On Tue, Oct 4, 2016 at 2:58 AM, Pavel Emelyanov <xemul at virtuozzo.com>
>     wrote:
>     > > On 09/30/2016 05:42 PM, Ross Boucher wrote:
>     > >> hmm. That path should be just pointing to /dev/null.
>     > >
>     > > Then the "--ext-mount-map auto" ? :)
>     >
>     > I think it is a bad idea to use "--ext-mount-map auto"  here. It may
>     > solve this problem, but add other side effects.
>     >
>     > I remember runc has a code to handle ext mounts, so we need to add
>     > logic about these mounts too.
> 
>     Hi Ross,
> 
>     I think I've fixed CRIU and runc to dump/restore containers with userns.
>     Clould you try out how it works for you?
> 
>     https://github.com/opencontainers/runc/pull/1110
>     https://github.com/avagin/criu/tree/docker
> 
>     Thanks,
>     Andrei
>     >
>     > >
>     > >> On Fri, Sep 30, 2016 at 5:59 AM Pavel Emelyanov <xemul at virtuozzo.com
>     <mailto:xemul at virtuozzo.com>> wrote:
>     > >>
>     > >>     On 09/28/2016 05:18 PM, Ross Boucher wrote:
>     > >>     > Hey all,
>     > >>     >
>     > >>     > I wanted to start playing around with user namespace support in
>     Docker as part of seeing where checkpoint/restore currently works and
>     doesn't work. Turns out things don't work currently, here's a checkpoint
>     log:
>     > >>     >
>     > >>     > https://gist.github.com/boucher/768a74b236470e3d28a49990fe2f1665
>     > >>
>     > >>     Error (mount.c:716): mnt: 66:./proc/sched_debug
>     > >>
>     > >>     It's again the lack of --ext-mount-map option.
>     > >>
>     > >>     > Any thoughts on what might be going wrong?
>     > >>     >
>     > >>     > -Ross
>     > >>     >
>     > >>     >
>     > >>     > _______________________________________________
>     > >>     > CRIU mailing list
>     > >>     > CRIU at openvz.org <mailto:CRIU at openvz.org>
>     > >>     > https://lists.openvz.org/mailman/listinfo/criu
>     > >>     >
>     > >>
>     > >
>     > > _______________________________________________
>     > > CRIU mailing list
>     > > CRIU at openvz.org
>     > > https://lists.openvz.org/mailman/listinfo/criu
>     > _______________________________________________
>     > CRIU mailing list
>     > CRIU at openvz.org
>     > https://lists.openvz.org/mailman/listinfo/criu
>     _______________________________________________
>     CRIU mailing list
>     CRIU at openvz.org
>     https://lists.openvz.org/mailman/listinfo/criu
>

More information about the CRIU mailing list