1. CRIU - Checkpoint/Restore in User-space
Andrey Vagin <avagin@openvz.org><

2. Goals
●
Full support of Linux Containers
●
Integration with other projects
–
OpenVZ
–
OpenMPI
–
Systemd
–
Docker
–
LXC
●
Support of ARM64 and i386
●
RKU (seamless kernel update)
2

3. Where is CRIU now?
3

4. Who is CRIU user?
4

5. What is new?
●
All patches are in the upstream kernel
●
Images deduplication in incremental dumps
●
RPC, library
●
Improve stability and reliability
●
Improve performance
●
Plugins
●
In a queue
–
–
●
Nested mount name-spaces (near future)
User name-space
Support new objects: tun; posix-timers; shared, slave mounts; btrfs and
nfs; inotify
5

6. Plugins
●
Unknown file types
●
External dependencies
–
Unix sockets (dbus, journald, rsyslog, etc)
–
Unknown character and block devices.
–
External bind-mounts
–
External net devices
–
External something else
6

7. RPC and libcriu.so
●
Easy to use from other languages
–
●
The protocol is based on protobuf messages
Allow to use CRIU for unprivileged processes
–
–
●
CRIU still requires root privileges to run
UNIX domain sockets support passing credentials
Self-dump
–
A process can request to dump itself
7

8. In a Nutshell, CRIU...
.... has had 7,904 commits made by 31 contributors
representing 105,882 lines of code
... is mostly written in C
with a very low number of source code comments
... has a young, but established codebase
maintained by a large development team
with decreasing Y-O-Y commits
https://www.ohloh.net/p/criu#
8

9. P.haul (process hauler) - Live migration using CRIU
Live migration using CRIU
●
Iterative
●
Optimal
●
Customizable
#./p.haul ovz 100 10.30.25.213
Migration succeeded
total time is ~2.86 sec
frozen time is ~1.99 sec
( ['0.27', '0.18', '1.55'] )
restore time is ~0.86 sec
img sync time is ~0.32 sec
9

10. Compel
-
a foreign process to execute code blob provided
●
extensible via plugins mechanism
●
supplied with precompiled plugins
–
–
printf's
–
●
system calls
unix SCM messages
still in alfa stage
10

11. Thank you
http://criu.org