...

Source file src/github.com/opencontainers/runc/restore.go

Documentation: github.com/opencontainers/runc 

     1  package main
     2  
     3  import (
     4  	"os"
     5  
     6  	"github.com/opencontainers/runc/libcontainer"
     7  	"github.com/opencontainers/runc/libcontainer/userns"
     8  	"github.com/sirupsen/logrus"
     9  	"github.com/urfave/cli"
    10  )
    11  
    12  var restoreCommand = cli.Command{
    13  	Name:  "restore",
    14  	Usage: "restore a container from a previous checkpoint",
    15  	ArgsUsage: `<container-id>
    16  
    17  Where "<container-id>" is the name for the instance of the container to be
    18  restored.`,
    19  	Description: `Restores the saved state of the container instance that was previously saved
    20  using the runc checkpoint command.`,
    21  	Flags: []cli.Flag{
    22  		cli.StringFlag{
    23  			Name:  "console-socket",
    24  			Value: "",
    25  			Usage: "path to an AF_UNIX socket which will receive a file descriptor referencing the master end of the console's pseudoterminal",
    26  		},
    27  		cli.StringFlag{
    28  			Name:  "image-path",
    29  			Value: "",
    30  			Usage: "path to criu image files for restoring",
    31  		},
    32  		cli.StringFlag{
    33  			Name:  "work-path",
    34  			Value: "",
    35  			Usage: "path for saving work files and logs",
    36  		},
    37  		cli.BoolFlag{
    38  			Name:  "tcp-established",
    39  			Usage: "allow open tcp connections",
    40  		},
    41  		cli.BoolFlag{
    42  			Name:  "ext-unix-sk",
    43  			Usage: "allow external unix sockets",
    44  		},
    45  		cli.BoolFlag{
    46  			Name:  "shell-job",
    47  			Usage: "allow shell jobs",
    48  		},
    49  		cli.BoolFlag{
    50  			Name:  "file-locks",
    51  			Usage: "handle file locks, for safety",
    52  		},
    53  		cli.StringFlag{
    54  			Name:  "manage-cgroups-mode",
    55  			Value: "",
    56  			Usage: "cgroups mode: 'soft' (default), 'full' and 'strict'",
    57  		},
    58  		cli.StringFlag{
    59  			Name:  "bundle, b",
    60  			Value: "",
    61  			Usage: "path to the root of the bundle directory",
    62  		},
    63  		cli.BoolFlag{
    64  			Name:  "detach,d",
    65  			Usage: "detach from the container's process",
    66  		},
    67  		cli.StringFlag{
    68  			Name:  "pid-file",
    69  			Value: "",
    70  			Usage: "specify the file to write the process id to",
    71  		},
    72  		cli.BoolFlag{
    73  			Name:  "no-subreaper",
    74  			Usage: "disable the use of the subreaper used to reap reparented processes",
    75  		},
    76  		cli.BoolFlag{
    77  			Name:  "no-pivot",
    78  			Usage: "do not use pivot root to jail process inside rootfs.  This should be used whenever the rootfs is on top of a ramdisk",
    79  		},
    80  		cli.StringSliceFlag{
    81  			Name:  "empty-ns",
    82  			Usage: "create a namespace, but don't restore its properties",
    83  		},
    84  		cli.BoolFlag{
    85  			Name:  "auto-dedup",
    86  			Usage: "enable auto deduplication of memory images",
    87  		},
    88  		cli.BoolFlag{
    89  			Name:  "lazy-pages",
    90  			Usage: "use userfaultfd to lazily restore memory pages",
    91  		},
    92  		cli.StringFlag{
    93  			Name:  "lsm-profile",
    94  			Value: "",
    95  			Usage: "Specify an LSM profile to be used during restore in the form of TYPE:NAME.",
    96  		},
    97  		cli.StringFlag{
    98  			Name:  "lsm-mount-context",
    99  			Value: "",
   100  			Usage: "Specify an LSM mount context to be used during restore.",
   101  		},
   102  	},
   103  	Action: func(context *cli.Context) error {
   104  		if err := checkArgs(context, 1, exactArgs); err != nil {
   105  			return err
   106  		}
   107  		// XXX: Currently this is untested with rootless containers.
   108  		if os.Geteuid() != 0 || userns.RunningInUserNS() {
   109  			logrus.Warn("runc checkpoint is untested with rootless containers")
   110  		}
   111  
   112  		options := criuOptions(context)
   113  		if err := setEmptyNsMask(context, options); err != nil {
   114  			return err
   115  		}
   116  		status, err := startContainer(context, CT_ACT_RESTORE, options)
   117  		if err != nil {
   118  			return err
   119  		}
   120  		// exit with the container's exit status so any external supervisor is
   121  		// notified of the exit with the correct exit status.
   122  		os.Exit(status)
   123  		return nil
   124  	},
   125  }
   126  
   127  func criuOptions(context *cli.Context) *libcontainer.CriuOpts {
   128  	imagePath, parentPath, err := prepareImagePaths(context)
   129  	if err != nil {
   130  		fatal(err)
   131  	}
   132  
   133  	return &libcontainer.CriuOpts{
   134  		ImagesDirectory:         imagePath,
   135  		WorkDirectory:           context.String("work-path"),
   136  		ParentImage:             parentPath,
   137  		LeaveRunning:            context.Bool("leave-running"),
   138  		TcpEstablished:          context.Bool("tcp-established"),
   139  		ExternalUnixConnections: context.Bool("ext-unix-sk"),
   140  		ShellJob:                context.Bool("shell-job"),
   141  		FileLocks:               context.Bool("file-locks"),
   142  		PreDump:                 context.Bool("pre-dump"),
   143  		AutoDedup:               context.Bool("auto-dedup"),
   144  		LazyPages:               context.Bool("lazy-pages"),
   145  		StatusFd:                context.Int("status-fd"),
   146  		LsmProfile:              context.String("lsm-profile"),
   147  		LsmMountContext:         context.String("lsm-mount-context"),
   148  	}
   149  }
   150  

View as plain text