zishuo/runc
1
0
Fork 0
mirror of https://github.com/opencontainers/runc.git synced 2025-10-20 14:15:34 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2259 from adrianreber/v2-test

Browse Source 
Add minimal cgroup2 checkpoint/restore support
This commit is contained in:
Michael Crosby
2020-03-31 15:01:18 -04:00
committed by GitHub
parent 8221d999f3 3e99aa3628
commit 9ec5b03e5a
4 changed files with 31 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.travis.yml
View File

@@ -32,7 +32,8 @@ matrix:
- ssh default sudo dnf install -y podman - ssh default sudo dnf install -y podman
script: script:
- ssh default sudo podman build -t test /vagrant - ssh default sudo podman build -t test /vagrant
- ssh default sudo podman run --privileged --cgroupns=private test make localunittest # Mounting /lib/modules into the container is necessary as CRIU wants to load (via iptables) additional modules
- ssh default sudo podman run --privileged --cgroupns=private -v /lib/modules:/lib/modules:ro test make localunittest
allow_failures: allow_failures:
- go: tip - go: tip
- name: "cgroup-v2" - name: "cgroup-v2"

8
Dockerfile
View File

@@ -1,6 +1,6 @@
ARG GO_VERSION=1.13 ARG GO_VERSION=1.13
ARG BATS_VERSION=03608115df2071fff4eaaff1605768c275e5f81f ARG BATS_VERSION=03608115df2071fff4eaaff1605768c275e5f81f
ARG CRIU_VERSION=v3.12 ARG CRIU_VERSION=v3.13
FROM golang:${GO_VERSION}-buster FROM golang:${GO_VERSION}-buster
ARG DEBIAN_FRONTEND=noninteractive ARG DEBIAN_FRONTEND=noninteractive
@@ -62,7 +62,13 @@ ARG CRIU_VERSION
RUN mkdir -p /usr/src/criu \ RUN mkdir -p /usr/src/criu \
&& curl -fsSL https://github.com/checkpoint-restore/criu/archive/${CRIU_VERSION}.tar.gz | tar -C /usr/src/criu/ -xz --strip-components=1 \ && curl -fsSL https://github.com/checkpoint-restore/criu/archive/${CRIU_VERSION}.tar.gz | tar -C /usr/src/criu/ -xz --strip-components=1 \
&& cd /usr/src/criu \ && cd /usr/src/criu \
&& echo 1 > .gitid \
&& curl -sSL https://github.com/checkpoint-restore/criu/commit/4c27b3db4f4325a311d8bfa9a50ea3efb4d6e377.patch | patch -p1 \
&& curl -sSL https://github.com/checkpoint-restore/criu/commit/aac41164b2cd7f0d2047f207b32844524682e43f.patch | patch -p1 \
&& curl -sSL https://github.com/checkpoint-restore/criu/commit/6f19249b2565f3f7c0a1f8f65b4ae180e8f7f34b.patch | patch -p1 \
&& curl -sSL https://github.com/checkpoint-restore/criu/commit/378337a496ca759848180bc5411e4446298c5e4e.patch | patch -p1 \
&& make install-criu \ && make install-criu \
&& cd - \
&& rm -rf /usr/src/criu && rm -rf /usr/src/criu
COPY script/tmpmount / COPY script/tmpmount /

9
libcontainer/container_linux.go
View File

@@ -1015,10 +1015,15 @@ func (c *linuxContainer) Checkpoint(criuOpts *CriuOpts) error {
} }
} }
fcg := c.cgroupManager.GetPaths()["freezer"] if !cgroups.IsCgroup2UnifiedMode() && c.checkCriuVersion(31400) == nil {
if fcg != "" { // CRIU currently cannot handle the v2 freezer correctly
// before release 3.14. For older releases we are telling
// CRIU to not use the cgroup v2 freezer. CRIU will pause
// each process manually using ptrace().
if fcg := c.cgroupManager.GetPaths()["freezer"]; fcg != "" {
rpcOpts.FreezeCgroup = proto.String(fcg) rpcOpts.FreezeCgroup = proto.String(fcg)
} }
}
// append optional criu opts, e.g., page-server and port // append optional criu opts, e.g., page-server and port
if criuOpts.PageServer.Address != "" && criuOpts.PageServer.Port != 0 { if criuOpts.PageServer.Address != "" && criuOpts.PageServer.Port != 0 {

23
libcontainer/integration/checkpoint_test.go
View File

@@ -60,9 +60,6 @@ func testCheckpoint(t *testing.T, userns bool) {
if testing.Short() { if testing.Short() {
return return
} }
if cgroups.IsCgroup2UnifiedMode() {
t.Skip("cgroup v2 is not supported")
}
root, err := newTestRoot() root, err := newTestRoot()
if err != nil { if err != nil {
@@ -78,16 +75,24 @@ func testCheckpoint(t *testing.T, userns bool) {
config := newTemplateConfig(rootfs) config := newTemplateConfig(rootfs)
config.Mounts = append(config.Mounts, &configs.Mount{
Destination: "/sys/fs/cgroup",
Device: "cgroup",
Flags: defaultMountFlags | unix.MS_RDONLY,
})
if userns { if userns {
config.UidMappings = []configs.IDMap{{HostID: 0, ContainerID: 0, Size: 1000}} config.UidMappings = []configs.IDMap{{HostID: 0, ContainerID: 0, Size: 1000}}
config.GidMappings = []configs.IDMap{{HostID: 0, ContainerID: 0, Size: 1000}} config.GidMappings = []configs.IDMap{{HostID: 0, ContainerID: 0, Size: 1000}}
config.Namespaces = append(config.Namespaces, configs.Namespace{Type: configs.NEWUSER}) config.Namespaces = append(config.Namespaces, configs.Namespace{Type: configs.NEWUSER})
} else {
var cgroupDevice string
if cgroups.IsCgroup2UnifiedMode() {
cgroupDevice = "cgroup2"
} else {
cgroupDevice = "cgroup"
}
config.Mounts = append(config.Mounts, &configs.Mount{
Destination: "/sys/fs/cgroup",
Device: cgroupDevice,
Flags: defaultMountFlags | unix.MS_RDONLY,
})
} }
factory, err := libcontainer.New(root, libcontainer.Cgroupfs) factory, err := libcontainer.New(root, libcontainer.Cgroupfs)