Container Live Migration Adrian Reber FOSDEM 2020, February 01 Red - - PowerPoint PPT Presentation

container live migration
SMART_READER_LITE
LIVE PREVIEW

Container Live Migration Adrian Reber FOSDEM 2020, February 01 Red - - PowerPoint PPT Presentation

Feb 18, 2023 307 likes •794 views

Container Live Migration Adrian Reber FOSDEM 2020, February 01 Red Hat Blog: Container migration with Podman on RHEL https://www.redhat.com/en/blog/container-migration-podman-rhel 2 FOSDEM 2020 Definition: Container Live Migration 3

slide-1
SLIDE 1

Container Live Migration

Adrian Reber FOSDEM 2020, February 01

slide-2
SLIDE 2

Red Hat Blog:

Container migration with Podman on RHEL

https://www.redhat.com/en/blog/container-migration-podman-rhel

2 FOSDEM 2020

slide-3
SLIDE 3

Definition: Container Live Migration

3 FOSDEM 2020

slide-4
SLIDE 4

Transfer Running Container

4 FOSDEM 2020

slide-5
SLIDE 5

Serialize on Source System

5 FOSDEM 2020

slide-6
SLIDE 6

Transfer to Destination System

6 FOSDEM 2020

slide-7
SLIDE 7

Checkpoint/Restore in Userspace CRIU

7 FOSDEM 2020

slide-8
SLIDE 8

Multiple Integrations Exist

8 FOSDEM 2020

slide-9
SLIDE 9

CRIU

9 FOSDEM 2020

slide-10
SLIDE 10

First Step: Checkpointing

10 FOSDEM 2020

slide-11
SLIDE 11

Seize Process Using ptrace()

11 FOSDEM 2020

slide-12
SLIDE 12

Collect Details From /proc/<PID>/*

12 FOSDEM 2020

slide-13
SLIDE 13

Parasite Code

13 FOSDEM 2020

slide-14
SLIDE 14

Parasite Code Most favorite part

14 FOSDEM 2020

slide-15
SLIDE 15

Parasite Code And the craziest

15 FOSDEM 2020

slide-16
SLIDE 16

Parasite Code Injected into the process

16 FOSDEM 2020

slide-17
SLIDE 17

Parasite Code Daemon waiting for commands

17 FOSDEM 2020

slide-18
SLIDE 18

Parasite Code Removed after usage

18 FOSDEM 2020

slide-19
SLIDE 19

Checkpointing Finished

19 FOSDEM 2020

slide-20
SLIDE 20

Checkpointing Finished All relevant information written

20 FOSDEM 2020

slide-21
SLIDE 21

Checkpointing Finished Target process is killed

21 FOSDEM 2020

slide-22
SLIDE 22

Checkpointing Finished Or continues to run

22 FOSDEM 2020

slide-23
SLIDE 23

Container Live Migration SELinux Linux Security Summit EU 2019

https://sched.co/Tymj

23 FOSDEM 2020

slide-24
SLIDE 24

Second/Last Step: Restoring

24 FOSDEM 2020

slide-25
SLIDE 25

Read Checkpoint Images

25 FOSDEM 2020

slide-26
SLIDE 26

clone() For Each PID/TID LPC: CRIU and the PID dance clone3() with Linux 5.5

https://linuxplumbersconf.org/event/4/contributions/472/

26 FOSDEM 2020

slide-27
SLIDE 27

CRIU Morphs Itself Open and position file descriptors

27 FOSDEM 2020

slide-28
SLIDE 28

CRIU Morphs Itself Map memory pages

28 FOSDEM 2020

slide-29
SLIDE 29

CRIU Morphs Itself Load security settings

29 FOSDEM 2020

slide-30
SLIDE 30

CRIU Morphs Itself Jump into restored process

30 FOSDEM 2020

slide-31
SLIDE 31

Container Live Migration

31 FOSDEM 2020

slide-32
SLIDE 32

Container Live Migration OpenVZ

32 FOSDEM 2020

slide-33
SLIDE 33

Container Live Migration Borg

33 FOSDEM 2020

slide-34
SLIDE 34

Container Live Migration LXC/LXD

34 FOSDEM 2020

slide-35
SLIDE 35

Container Live Migration Docker

35 FOSDEM 2020

slide-36
SLIDE 36

Container Live Migration Podman

36 FOSDEM 2020

slide-37
SLIDE 37

Podman: daemonless

37 FOSDEM 2020

slide-38
SLIDE 38

Podman: rootless

38 FOSDEM 2020

slide-39
SLIDE 39

Podman: Checkpoint/Restore October 2018

39 FOSDEM 2020

slide-40
SLIDE 40

Podman: Checkpoint/Restore Required runc and CRIU changes

40 FOSDEM 2020

slide-41
SLIDE 41

Podman: Container Live Migration June 2019

41 FOSDEM 2020

slide-42
SLIDE 42

Podman: Container Live Migration Required runc, CRIU, SELinux changes

42 FOSDEM 2020

slide-43
SLIDE 43

1 # podman run --rm -d adrianreber/wildfly -hello 2 699f33eb7fecbc5bbb00400be0aa79c888dbc63a54cac7bd2eed836a57d8a68a 3 # podman inspect -l --format "{{.NetworkSettings.IPAddress}}" 4 10.88.0.247 5 # curl 10.88.0.247:8080/helloworld/ 6 0 7 # curl 10.88.0.247:8080/helloworld/ 8 1 9 # podman container checkpoint -l --export=/tmp/chkpt.tar.gz 10 699f33eb7fecbc5bbb00400be0aa79c888dbc63a54cac7bd2eed836a57d8a68a 11 # scp /tmp/chkpt.tar.gz rhel08:/tmp 43 FOSDEM 2020

slide-44
SLIDE 44

1 # podman container restore --import=/tmp/chkpt.tar.gz 2 699f33eb7fecbc5bbb00400be0aa79c888dbc63a54cac7bd2eed836a57d8a68a 3 # podman inspect -l --format "{{.NetworkSettings.IPAddress}}" 4 10.88.0.247 5 # curl 10.88.0.247:8080/helloworld/ 6 2 7 # curl 10.88.0.247:8080/helloworld/ 8 3 44 FOSDEM 2020

slide-45
SLIDE 45

1 # podman container restore --import=/tmp/chkpt.tar.gz -n hello1 2 d02feeec894d77f66cc82484fe77ae369396a85f6d05594dc156c21e685942dd 3 # podman container restore --import=/tmp/chkpt.tar.gz -n hello2 4 735efb4fee6961d3eee069beb28dde5cbc6fc46c1a32a43ecc993d04c02015b2 5 # podman inspect --format "{{.NetworkSettings.IPAddress}}" hello1 6 10.88.0.248 7 # podman inspect --format "{{.NetworkSettings.IPAddress}}" hello2 8 10.88.0.249 9 # curl 10.88.0.248:8080/helloworld/ 10 2 11 # curl 10.88.0.249:8080/helloworld/ 12 2 45 FOSDEM 2020

slide-46
SLIDE 46

https://lisas.de/~adrian/container-live-migration-article.pdf https://asciinema.org/a/249922 https://asciinema.org/a/249918 https://lisas.de/~adrian/posts/2019-Apr-10-criu-and-selinux.html https://criu.org/Podman https://twitter.com/adrian__reber https://www.redhat.com/en/blog/container-migration-podman-rhel https://cfp.all-systems-go.io/ASG2019/talk/E88Z7V/ https://sched.co/Tymj https://linuxplumbersconf.org/event/4/contributions/472/

46 FOSDEM 2020

slide-47
SLIDE 47

Thank you